proxy
Click on the red underlined text to get to the source
... user agents, and intermediate elements are known as proxy servers. A
typical SIP configuration, referred to as the SIP ...
... wishes to call Joe in domain B (joe@B). To do so, it communicates
with proxy 1 in its domain (domain A). Proxy ...
... domain A). Proxy 1 forwards the request
to the proxy for the domain of the called party (domain B), which is
...
... domain of the called party (domain B), which is
proxy 2. Proxy 2 forwards the call to the called party, UA 2.
...
... DNS is needed to help solve two aspects of the general call flow
described in the Introduction. The first is for proxy 1 to discover
the SIP server in domain ...
... SIP server in domain B, in order to forward the call for joe@B.
The second is for proxy 2 to identify a backup for proxy 1 in the
event it fails after forwarding the request.
...
... domain B, in order to forward the call for joe@B.
The second is for proxy 2 to identify a backup for proxy 1 in the
event it fails after forwarding the request.
...
... event it fails after forwarding the request.
For the first aspect, proxy 1 specifically needs to determine the IP
address, port, and transport protocol ...
... be able to automatically determine which transport protocols are
available. The proxy sending the request has a particular set of
transport protocols it supports and a preference for using those
...
... transport protocols it supports and a preference for using those
transport protocols. Proxy 2 has its own set of transport protocols
it supports, and relative preferences for those transport protocols ...
... so that there is always an intersection of capabilities. Some form
of DNS procedures are needed for proxy 1 to discover the available
transport protocols for SIP ...
... domain B, and the relative
preferences of those transport protocols. Proxy 1 intersects its
list of supported transport protocols with those of proxy ...
... Proxy 1 intersects its
list of supported transport protocols with those of proxy 2 and then
chooses the protocol preferred by proxy 2.
...
... transport protocols with those of proxy 2 and then
chooses the protocol preferred by proxy 2.
............................ ..............................
...
... . +-------+ . . +-------+ .
. | | . . | | .
. | Proxy |------------- | Proxy | .
. | 1 | . . | 2 | .
...
... of a next hop element, called a server (it can be a proxy or a user
agent). Such processing could, in principle, occur at every hop
between elements ...
... version of the network in Figure 1, proxy 2 would be a cluster of
homogeneously configured proxies ...
... upstream elements detect
failures. For example, assume that proxy 2 is implemented as a
cluster of two proxies ...
... proxies, proxy 2.1 and proxy 2.2. If proxy 1 sends a
request to proxy 2.1 and the request fails, it retries the request by
...
... proxy 2.2. If proxy 1 sends a
request to proxy 2.1 and the request fails, it retries the request by
sending it to proxy 2.2. In many cases, proxy ...
... request to proxy 2.1 and the request fails, it retries the request by
sending it to proxy 2.2. In many cases, proxy 1 will not know which
domains ...
... proxy 2.1 and the request fails, it retries the request by
sending it to proxy 2.2. In many cases, proxy 1 will not know which
domains it will ultimately communicate with. That information would
...
... be known when a user actually makes a call to another user in that
domain. Proxy 1 may never communicate with that domain again after
the call completes. Proxy ...
... Proxy 1 may never communicate with that domain again after
the call completes. Proxy 1 may communicate with thousands of
different domains within a few minutes, and proxy ...
... Proxy 1 may communicate with thousands of
different domains within a few minutes, and proxy 2 could receive
requests from thousands of different domains within a few minutes.
...
... state for the proxies it will communicate with. When a proxy gets
its first call with a particular domain, it will try the servers in
...
... elements to fail in the middle of a transaction.
For example, after proxy 2 forwards the request to UA 2, proxy 1
...
... For example, after proxy 2 forwards the request to UA 2, proxy 1
fails. UA 2 sends its response to proxy ...
... proxy 1
fails. UA 2 sends its response to proxy 2, which tries to forward it
to proxy 1, which is no longer available. The second aspect of the
...
... UA 2 sends its response to proxy 2, which tries to forward it
to proxy 1, which is no longer available. The second aspect of the
flow in the introduction for which DNS ...
... flow in the introduction for which DNS is needed, is for proxy 2 to
identify a backup for proxy 1 that it can send the response to. This
...
... DNS is needed, is for proxy 2 to
identify a backup for proxy 1 that it can send the response to. This
problem is more realistic in SIP than it is in other transactional
...
... some cases, also documented in [1], the request can be sent to a
specific intermediate proxy not identified by a SIP URI, but rather,
by a hostname or numeric IP address ...
... used for purposes of this specification, is constructed. That URI is
of the form sip:<proxy>, where <proxy> is the FQDN or numeric IP
address ...
... URI is
of the form sip:<proxy>, where <proxy> is the FQDN or numeric IP
address of the next-hop ...
... FQDN or numeric IP
address of the next-hop proxy. As a result, in all cases, the
problem boils down to resolution of a SIP or SIPS URI ...
... there were no failures when attempting to contact a server. Whenever
the stateless proxy receives the request, it performs the appropriate
DNS queries as described above. However, the procedures of RFC 2782prop ...
... priority have no specified order. The stateless
proxy MUST define a deterministic order to the records in that case,
using any algorithm at its disposal. One suggestion is to
...
... both a weight of 1000), and similarly for NAPTR records. If the
first server is contacted successfully, the proxy can remain
stateless ...
... stateless. However, if the first server is not contacted
successfully, and a subsequent server is, the proxy cannot remain
stateless for this transaction ...
... retransmission could very well go to a different server if the failed
one recovers between retransmissions. As such, whenever a proxy does
not successfully contact the first server, it SHOULD act as a
stateful proxy ...
... proxy does
not successfully contact the first server, it SHOULD act as a
stateful proxy.
Unfortunately, it is still possible for a stateless ...
...
Unfortunately, it is still possible for a stateless proxy to deliver
retransmissions to different servers, even if it follows the
...
... perform the NAPTR queries. It is therefore possible for a proxy to
ignore SIPS entries even though they are present, resulting in
downgraded security ...
... prevent such attacks. Clients are simply dependent on proxy servers
for call completion, and must trust that they implement the protocol
...
... traffic (in the absence of
DNSSEC), whereas compromising and commandeering a proxy server
requires a break-in, and is seen as the considerably less likely
downgrade threat.
...