1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
|
Internet Engineering Task Force (IETF) C. Holmberg
Request for Comments: 6223 Ericsson
Category: Standards Track April 2011
ISSN: 2070-1721
Indication of Support for Keep-Alive
Abstract
This specification defines a new Session Initiation Protocol (SIP)
Via header field parameter, "keep", which allows adjacent SIP
entities to explicitly negotiate usage of the Network Address
Translation (NAT) keep-alive mechanisms defined in SIP Outbound, in
cases where SIP Outbound is not supported, cannot be applied, or
where usage of keep-alives is not implicitly negotiated as part of
the SIP Outbound negotiation.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6223.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Holmberg Standards Track [Page 1]
^L
RFC 6223 Keep-Alive April 2011
Table of Contents
1. Introduction ....................................................2
1.1. Use-Case: Dialog from Non-Registered UAs ...................3
1.2. Use-Case: SIP Outbound Not Supported .......................3
1.3. Use-Case: SIP Dialog Initiated Outbound Flows ..............3
2. Conventions .....................................................3
3. Definitions .....................................................4
4. User Agent and Proxy Behavior ...................................4
4.1. General ....................................................4
4.2. Lifetime of Keep-Alives ....................................5
4.2.1. General .............................................5
4.2.2. Keep-Alives Associated with Registration ............5
4.2.3. Keep-Alives Associated with Dialog ..................6
4.3. Behavior of a SIP Entity Willing to Send Keep-Alives .......6
4.4. Behavior of a SIP Entity Willing to Receive Keep-Alives ....7
5. Keep-Alive Frequency ............................................8
6. Connection Reuse ................................................9
7. Examples ........................................................9
7.1. General ....................................................9
7.2. Keep-Alive Negotiation Associated with
Registration: UA-Proxy .....................................9
7.3. Keep-Alive Negotiation Associated with Dialog: UA-Proxy ...11
7.4. Keep-Alive Negotiation Associated with Dialog: UA-UA ......13
8. Grammar ........................................................15
8.1. General ...................................................15
8.2. ABNF ......................................................15
9. IANA Considerations ............................................15
9.1. "keep" Via Header Field Parameter .........................15
10. Security Considerations .......................................15
11. Acknowledgements ..............................................16
12. References ....................................................17
12.1. Normative References .....................................17
12.2. Informative References ...................................17
1. Introduction
Section 3.5 of SIP Outbound [RFC5626] defines two keep-alive
mechanisms. Even though the keep-alive mechanisms are separated from
the rest of the SIP Outbound mechanism, SIP Outbound does not define
a mechanism to explicitly negotiate usage of the keep-alive
mechanisms. In some cases, usage of keep-alives can be implicitly
negotiated as part of the SIP Outbound negotiation.
However, there are SIP Outbound use-cases where usage of keep-alives
is not implicitly negotiated as part of the SIP Outbound negotiation.
In addition, there are cases where SIP Outbound is not supported, or
where it cannot be applied, but where there is still a need to be
Holmberg Standards Track [Page 2]
^L
RFC 6223 Keep-Alive April 2011
able to negotiate usage of keep-alives. Last, SIP Outbound only
allows keep-alives to be negotiated between a User Agent (UA) and an
edge proxy, and not between other SIP entities.
This specification defines a new Session Initiation Protocol (SIP)
[RFC3261] Via header field parameter, "keep", which allows adjacent
SIP entities to explicitly negotiate usage of the NAT keep-alive
mechanisms defined in SIP Outbound. The "keep" parameter allows SIP
entities to indicate willingness to send keep-alives, to indicate
willingness to receive keep-alives, and -- for SIP entities willing
to receive keep-alives -- to provide a recommended keep-alive
frequency.
The following sections describe use-cases where a mechanism to
explicitly negotiate usage of keep-alives is needed.
1.1. Use-Case: Dialog from Non-Registered UAs
In some cases, a User Agent Client (UAC) does not register itself
before it establishes a dialog, but in order to maintain NAT bindings
open during the lifetime of the dialog, it still needs to be able to
negotiate the sending of keep-alives towards its adjacent downstream
SIP entity. A typical example is an emergency call, where a
registration is not always required in order to make the call.
1.2. Use-Case: SIP Outbound Not Supported
In some cases, some SIP entities that need to be able to negotiate
the use of keep-alives might not support SIP Outbound. However, they
might still support the keep-alive mechanisms defined in SIP Outbound
and need to be able to negotiate usage of them.
1.3. Use-Case: SIP Dialog Initiated Outbound Flows
SIP Outbound allows the establishment of flows using the initial
request for a dialog. As specified in RFC 5626 [RFC5626], usage of
keep-alives is not implicitly negotiated for such flows.
2. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14, RFC 2119
[RFC2119].
Holmberg Standards Track [Page 3]
^L
RFC 6223 Keep-Alive April 2011
3. Definitions
Edge proxy: As defined in RFC 5626, a SIP proxy that is located
topologically between the registering User Agent (UA) and the
Authoritative Proxy.
NOTE: In some deployments, the edge proxy might be physically
located in the same SIP entity as the Authoritative Proxy.
Keep-alives: The keep-alive messages defined in RFC 5626.
"keep" parameter: A SIP Via header field parameter that a SIP entity
can insert in the topmost Via header field that it adds to the
request, to explicitly indicate willingness to send keep-alives
towards its adjacent downstream SIP entity. A SIP entity can add a
parameter value to the "keep" parameter in a response to explicitly
indicate willingness to receive keep-alives from its adjacent
upstream SIP entity.
SIP entity: SIP User Agent (UA), or proxy, as defined in RFC 3261.
Adjacent downstream SIP entity: The adjacent SIP entity in the
direction towards which a SIP request is sent.
Adjacent upstream SIP entity: The adjacent SIP entity in the
direction from which a SIP request is received.
4. User Agent and Proxy Behavior
4.1. General
This section describes how SIP UAs and proxies negotiate usage of
keep-alives associated with a registration or a dialog, which types
of SIP requests can be used in order to negotiate the usage, and the
lifetime of the negotiated keep-alives.
SIP entities indicate willingness to send keep-alives towards the
adjacent downstream SIP entity using SIP requests. The associated
responses are used by SIP entities to indicate willingness to receive
keep-alives. SIP entities that indicate willingness to receive keep-
alives can provide a recommended keep-alive frequency.
The procedures to negotiate usage of keep-alives are identical for
SIP UAs and proxies.
In general, it can be useful for SIP entities to indicate willingness
to send keep-alives, even if they are not aware of any necessity for
them to send keep-alives, since the adjacent downstream SIP entity
Holmberg Standards Track [Page 4]
^L
RFC 6223 Keep-Alive April 2011
might have knowledge about the necessity. Similarly, if the adjacent
upstream SIP entity has indicated willingness to send keep-alives, it
can be useful for SIP entities to indicate willingness to receive
keep-alives, even if they are not aware of any necessity for the
adjacent upstream SIP entity to send them.
NOTE: Usage of keep-alives is negotiated per direction. If a SIP
entity has indicated willingness to receive keep-alives from an
adjacent SIP entity, the sending of keep-alives towards that
adjacent SIP entity needs to be separately negotiated.
NOTE: Since there are SIP entities that already use a combination
of Carriage Return and Line Feed (CRLF) as keep-alive messages,
and SIP entities are expected to be able to receive those, this
specification does not forbid the sending of double-CRLF keep-
alive messages towards an adjacent SIP entity even if usage of
keep-alives with that SIP entity has not been negotiated.
However, the "keep" parameter is still important in order for a
SIP entity to indicate that it supports the sending of double-CRLF
keep-alive messages, so that the adjacent downstream SIP entity
does not use other mechanisms (e.g., short registration refresh
intervals) in order to keep NAT bindings open.
4.2. Lifetime of Keep-Alives
4.2.1. General
The lifetime of negotiated keep-alives depends on whether the keep-
alives are associated with a registration or a dialog. This section
describes the lifetime of negotiated keep-alives.
4.2.2. Keep-Alives Associated with Registration
SIP entities use a registration request in order to negotiate usage
of keep-alives associated with a registration. Usage of keep-alives
can be negotiated when the registration is established, or later
during the registration. Once negotiated, keep-alives are sent until
the registration is terminated, or until a subsequent registration
refresh request is sent or forwarded. When a subsequent registration
refresh request is sent or forwarded, if a SIP entity is willing to
continue sending keep-alives associated with the registration, usage
of keep-alives MUST be re-negotiated. If usage is not successfully
re-negotiated, the SIP entity MUST cease the sending of keep-alives
associated with the registration.
NOTE: The sending of keep-alives associated with a registration
can only be negotiated in the direction from the registering SIP
entity towards the registrar.
Holmberg Standards Track [Page 5]
^L
RFC 6223 Keep-Alive April 2011
4.2.3. Keep-Alives Associated with Dialog
SIP entities use an initial request for a dialog, or a mid-dialog
target refresh request [RFC3261], in order to negotiate the sending
and receiving of keep-alives associated with a dialog. Usage of
keep-alives can be negotiated when the dialog is established, or
later during the lifetime of the dialog. Once negotiated, keep-
alives MUST be sent for the lifetime of the dialog, until the dialog
is terminated. Once the usage of keep-alives associated with a
dialog has been negotiated, it is not possible to re-negotiate the
usage associated with the dialog.
4.3. Behavior of a SIP Entity Willing to Send Keep-Alives
As defined in RFC 5626, a SIP entity that supports the sending of
keep-alives must act as a Session Traversal Utilities for NAT (STUN)
client [RFC5389]. The SIP entity must support those aspects of STUN
that are required in order to apply the STUN keep-alive mechanism
defined in RFC 5626, and it must support the CRLF keep-alive
mechanism defined in RFC 5626. RFC 5626 defines when to use STUN and
when to use double-CRLF for keep-alives.
When a SIP entity sends or forwards a request, if it wants to
negotiate the sending of keep-alives associated with a registration
or a dialog, it MUST insert a "keep" parameter in the topmost Via
header field that it adds to the request, to indicate willingness to
send keep-alives.
When the SIP entity receives the associated response, if the "keep"
parameter in the topmost Via header field of the response contains a
"keep" parameter value, it MUST start sending keep-alives towards the
same destination where it would send a subsequent request (e.g.,
REGISTER requests and initial requests for dialog) associated with
the registration (if the keep-alive negotiation is for a
registration), or where it would send subsequent mid-dialog requests
(if the keep-alive negotiation is for a dialog). Subsequent
mid-dialog requests are addressed based on the dialog route set.
Once a SIP entity has negotiated the sending of keep-alives
associated with a dialog towards an adjacent SIP entity, it MUST NOT
insert a "keep" parameter in any subsequent SIP requests associated
with that dialog towards that adjacent SIP entity. Such "keep"
parameters MUST be ignored, if received.
Since an ACK request does not have an associated response, it cannot
be used to negotiate usage of keep-alives. Therefore, a SIP entity
MUST NOT insert a "keep" parameter in the topmost Via header field of
an ACK request. Such "keep" parameters MUST be ignored, if received.
Holmberg Standards Track [Page 6]
^L
RFC 6223 Keep-Alive April 2011
A SIP entity MUST NOT indicate willingness to send keep-alives
associated with a dialog, unless it has also inserted itself in the
dialog route set [RFC3261].
NOTE: When a SIP entity sends an initial request for a dialog, if
the adjacent downstream SIP entity does not insert itself in the
dialog route set using a Record-Route header field [RFC3261], the
adjacent downstream SIP entity will change once the dialog route
set has been established. If a SIP entity inserts a "keep"
parameter in the topmost Via header field of an initial request
for a dialog, and the "keep" parameter in the associated response
does not contain a parameter value, the SIP entity might choose to
insert a "keep" parameter in the topmost Via header field of a
subsequent SIP request associated with the dialog, in case the new
adjacent downstream SIP entity (based on the dialog route set) is
willing to receive keep-alives (in which case it will add a
parameter value to the "keep" parameter).
If an INVITE request is used to indicate willingness to send keep-
alives, as long as at least one response (provisional or final) to
the INVITE request contains a "keep" parameter with a parameter
value, it is seen as an indication that the adjacent downstream SIP
entity is willing to receive keep-alives associated with the dialog
on which the response is received.
4.4. Behavior of a SIP Entity Willing to Receive Keep-Alives
As defined in RFC 5626, a SIP entity that supports the receiving of
keep-alives must act as a STUN server [RFC5389]. The SIP entity must
support those aspects of STUN that are required in order to apply the
STUN keep-alive mechanism defined in RFC 5626, and it must support
the CRLF keep-alive mechanism defined in RFC 5626.
When a SIP entity sends or forwards a response, and the adjacent
upstream SIP entity has indicated willingness to send keep-alives, if
the SIP entity is willing to receive keep-alives associated with the
registration or with the dialog from that adjacent upstream SIP
entity, then it MUST add a parameter value to the "keep" parameter
before sending or forwarding the response. The parameter value, if
present and with a value other than zero, represents a recommended
keep-alive frequency, given in seconds.
There might be multiple responses to an INVITE request. When a SIP
entity indicates willingness to receive keep-alives in a response to
an INVITE request, it MUST add a parameter value to the "keep"
parameter in at least one reliable response to the request. The SIP
entity MAY add identical parameter values to the "keep" parameters in
other responses to the same request. The SIP entity MUST NOT add
Holmberg Standards Track [Page 7]
^L
RFC 6223 Keep-Alive April 2011
different parameter values to the "keep" parameters in responses to
the same request. The SIP entity SHOULD indicate the willingness to
receive keep-alives as soon as possible.
A SIP entity MUST NOT indicate willingness to receive keep-alives
associated with a dialog, unless it has also inserted itself in the
dialog route set [RFC3261].
5. Keep-Alive Frequency
If a SIP entity receives a SIP response, where the topmost Via header
field contains a "keep" parameter with a non-zero value that
indicates a recommended keep-alive frequency, given in seconds, it
MUST use the procedures defined for the Flow-Timer header field
[RFC5626]. According to the procedures, the SIP entity must send
keep-alives at least as often as the indicated recommended keep-alive
frequency, and if the SIP entity uses the recommended keep-alive
frequency, then it should send its keep-alives so that the interval
between each keep-alive is randomly distributed between 80% and 100%
of the recommended keep-alive frequency.
If the received "keep" parameter value is zero, the SIP entity can
send keep-alives at its discretion. RFC 5626 provides additional
guidance on selecting the keep-alive frequency in case a recommended
keep-alive frequency is not provided.
This specification does not specify actions to take if negotiated
keep-alives are not received. As defined in RFC 5626, the receiving
SIP entity may consider a connection to be dead in such situations.
If a SIP entity that adds a parameter value to the "keep" parameter
in order to indicate willingness to receive keep-alives also inserts
a Flow-Timer header field (that can happen if the SIP entity is using
both the Outbound mechanism and the keep-alive mechanism) in the same
SIP message, the header field value and the "keep" parameter value
MUST be identical.
SIP Outbound uses the Flow-Timer header field to indicate the server-
recommended keep-alive frequency; however, it will only be sent
between a UA and an edge proxy. On the other hand, by using the
"keep" parameter, the sending and receiving of keep-alives can be
negotiated between multiple entities on the signalling path. In
addition, since the server-recommended keep-alive frequency might
vary between different SIP entities, a single Flow-Timer header field
cannot be used to indicate all the different frequency values.
Holmberg Standards Track [Page 8]
^L
RFC 6223 Keep-Alive April 2011
6. Connection Reuse
Keep-alives are often sent in order to keep NAT bindings open, so
that SIP requests sent in the reverse direction will pass by the NAT
and reuse the same connection. In the case of non-connection-
oriented transport protocols, keep-alives would permit the same path
to be reused. This specification does not define such a connection
reuse mechanism. The keep-alive mechanism defined in this
specification is only used to negotiate the sending and receiving of
keep-alives. Entities that want to reuse connections need to use
another mechanism to ensure that security aspects associated with
connection reuse are taken into consideration.
RFC 5923 [RFC5923] specifies a mechanism for using connection-
oriented transports to send requests in the reverse direction, and an
entity that wants to use connection reuse as well as indicate support
of keep-alives on that connection will insert both the "alias"
parameter defined in RFC 5923 and the "keep" parameter defined in
this specification.
SIP Outbound specifies how registration flows are used to send
requests in the reverse direction.
7. Examples
7.1. General
This section shows example flows where usage of keep-alives,
associated with a registration and a dialog, is negotiated between
different SIP entities.
NOTE: The examples do not show the actual syntactical encoding of
the request lines, response lines, and the Via header fields, but
rather a pseudocode in order to identify the message type and also
identify to which SIP entity a Via header field is associated.
7.2. Keep-Alive Negotiation Associated with Registration: UA-Proxy
Figure 1 shows an example where Alice sends a REGISTER request. She
indicates willingness to send keep-alives by inserting a "keep"
parameter in the Via header field of her request. The edge proxy
(P1) forwards the request towards the registrar.
P1 is willing to receive keep-alives from Alice for the duration of
the registration, so when P1 receives the associated response it adds
a "keep" parameter value, which indicates a recommended keep-alive
frequency of 30 seconds, to Alice's Via header field, before it
forwards the response towards Alice.
Holmberg Standards Track [Page 9]
^L
RFC 6223 Keep-Alive April 2011
When Alice receives the response, she determines from her Via header
field that P1 is willing to receive keep-alives associated with the
registration. Until either the registration expires or Alice sends a
registration refresh request, Alice then sends periodic keep-alives
(in this example using the STUN keep-alive technique) towards P1,
using the recommended keep-alive frequency indicated by the "keep"
parameter value.
Alice P1 REGISTRAR
| | |
|--- REGISTER------------->| |
| Via: Alice;keep | |
| |--- REGISTER-------------->|
| | Via: P1 |
| | Via: Alice;keep |
| | |
| |<-- 200 OK ----------------|
| | Via: P1 |
| | Via: Alice;keep |
|<-- 200 OK ---------------| |
| Via: Alice;keep=30 | |
| | |
| | |
| *** Timeout *** |
| | |
|=== STUN request ========>| |
|<== STUN response ========| |
| | |
| *** Timeout *** |
| | |
|=== STUN request ========>| |
|<== STUN response ========| |
| | |
Figure 1: Example Call Flow
Holmberg Standards Track [Page 10]
^L
RFC 6223 Keep-Alive April 2011
7.3. Keep-Alive Negotiation Associated with Dialog: UA-Proxy
Figure 2 shows an example where Alice sends an initial INVITE request
for a dialog. She indicates willingness to send keep-alives by
inserting a "keep" parameter in the Via header field of her request.
The edge proxy (P1) adds itself to the dialog route set by adding
itself to a Record-Route header field, before it forwards the request
towards Bob.
P1 is willing to receive keep-alives from Alice for the duration of
the dialog, so when P1 receives the associated response it adds a
"keep" parameter value, which indicates a recommended keep-alive
frequency of 30 seconds, to Alice's Via header field, before it
forwards the response towards Alice.
When Alice receives the response, she determines from her Via header
field that P1 is willing to receive keep-alives associated with the
dialog. For the lifetime of the dialog, Alice then sends periodic
keep-alives (in this example using the STUN keep-alive technique)
towards P1, using the recommended keep-alive frequency indicated by
the "keep" parameter value.
Holmberg Standards Track [Page 11]
^L
RFC 6223 Keep-Alive April 2011
Alice P1 Bob
| | |
|--- INVITE -------------->| |
| Via: Alice;keep | |
| |--- INVITE --------------->|
| | Via: P1 |
| | Via: Alice;keep |
| | Record-Route: P1 |
| | |
| |<-- 200 OK ----------------|
| | Via: P1 |
| | Via: Alice;keep |
| | Record-Route: P1 |
|<-- 200 OK ---------------| |
| Via: Alice;keep=30 | |
| Record-Route: P1 | |
| | |
|--- ACK ----------------->| |
| | |
| |--- ACK ------------------>|
| | |
| *** Timeout *** |
| | |
|=== STUN request ========>| |
|<== STUN response ========| |
| | |
| *** Timeout *** |
| | |
|=== STUN request ========>| |
|<== STUN response ========| |
| | |
| | |
|--- BYE ----------------->| |
| | |
| |--- BYE ------------------>|
| | |
| |<-- 200 OK ----------------|
| | |
Figure 2: Example Call Flow
Holmberg Standards Track [Page 12]
^L
RFC 6223 Keep-Alive April 2011
7.4. Keep-Alive Negotiation Associated with Dialog: UA-UA
Figure 3 shows an example where Alice sends an initial INVITE request
for a dialog. She indicates willingness to send keep-alives by
inserting a "keep" parameter in the Via header field of her request.
In this scenario, the edge proxy (P1) does not add itself to a
Record-Route header field (and so will not be added to the dialog
route set) before forwarding the request towards Bob.
When Alice receives the response, she determines from the Via header
field that P1 is not willing to receive keep-alives associated with
the dialog from her. When the dialog route set has been established,
Alice sends a mid-dialog UPDATE request towards Bob (since P1 did not
insert itself in the dialog route set), and she once again indicates
willingness to send keep-alives by inserting a "keep" parameter in
the Via header field of her request. Bob supports the keep-alive
mechanism, and is willing to receive keep-alives associated with the
dialog from Alice, so he creates a response and adds a "keep"
parameter value, which indicates a recommended keep-alive frequency
of 30 seconds, to Alice's Via header field, before he forwards the
response towards Alice.
When Alice receives the response, she determines from her Via header
field that Bob is willing to receive keep-alives associated with the
dialog. For the lifetime of the dialog, Alice then sends periodic
keep-alives (in this example using the STUN keep-alive technique)
towards Bob, using the recommended keep-alive frequency indicated by
the "keep" parameter value.
Holmberg Standards Track [Page 13]
^L
RFC 6223 Keep-Alive April 2011
Alice P1 Bob
| | |
|--- INVITE -------------->| |
| Via: Alice;keep | |
| |--- INVITE --------------->|
| | Via: P1 |
| | Via: Alice;keep |
| | |
| |<-- 200 OK ----------------|
| | Via: P1 |
| | Via: Alice;keep |
|<-- 200 OK ---------------| |
| Via: Alice;keep | |
| | |
| |
|--- ACK --------------------------------------------->|
| |
|--- UPDATE ------------------------------------------>|
| Via: Alice;keep |
| |
|<-- 200 OK -------------------------------------------|
| Via: Alice;keep=30 |
| |
| |
| *** Timeout *** |
| |
|=== STUN request ====================================>|
|<== STUN response ====================================|
| |
| *** Timeout *** |
| |
|=== STUN request ====================================>|
|<== STUN response ====================================|
| |
| |
|--- BYE --------------------------------------------->|
| |
|<-- 200 OK -------------------------------------------|
| |
Figure 3: Example Call Flow
Holmberg Standards Track [Page 14]
^L
RFC 6223 Keep-Alive April 2011
8. Grammar
8.1. General
This section extends the ABNF definition of via-params from [RFC3261]
by adding a new Via header field parameter, "keep". The ABNF defined
in this specification is conformant to RFC 5234 [RFC5234]. "EQUAL"
is defined in RFC 3261. "DIGIT" is defined in RFC 5234.
8.2. ABNF
via-params =/ keep
keep = "keep" [ EQUAL 1*(DIGIT) ]
9. IANA Considerations
9.1. "keep" Via Header Field Parameter
This specification defines a new Via header field parameter called
"keep" in the "Header Field Parameters and Parameter Values"
sub-registry as per the registry created by [RFC3968]. The syntax is
defined in Section 8 of this document. IANA has registered the
following:
Predefined
Header Field Parameter Name Values Reference
---------------------- --------------------- ---------- ---------
Via keep No [RFC6223]
10. Security Considerations
SIP entities that send or receive keep-alives are often required to
use a connection reuse mechanism, in order to ensure that requests
sent in the reverse direction, towards the sender of the keep-alives,
traverse NATs, etc. This specification does not define a connection
reuse mechanism, and it does not address security issues related to
connection reuse. SIP entities that wish to reuse connections need
to use a dedicated connection reuse mechanism, in conjunction with
the keep-alive negotiation mechanism.
Unless SIP messages are integrity protected hop-by-hop, e.g., using
Transport Layer Security (TLS) [RFC5246] or Datagram Transport Layer
Security (DTLS) [RFC4347], a man-in-the-middle can modify Via header
fields used by two entities to negotiate the sending of keep-alives,
e.g., by removing the designations used to indicate willingness to
send and receive keep-alives, or by decreasing the timer value to a
very low value, which might trigger additional resource consumption
due to the frequently sent keep-alives.
Holmberg Standards Track [Page 15]
^L
RFC 6223 Keep-Alive April 2011
The behaviors defined in Sections 4.3 and 4.4 require a SIP entity
using the mechanism defined in this specification to place a value in
the "keep" parameter in the topmost Via header field value of a
response the SIP entity sends. They do not instruct the entity to
place a value in a "keep" parameter of any request it forwards. In
particular, a SIP proxy MUST NOT place a value into the "keep"
parameter of the topmost Via header field value of a request it
receives before forwarding it. A SIP proxy implementing this
specification SHOULD remove any "keep" parameter values in any Via
header field values below the topmost one in responses it receives
before forwarding them.
When requests are forwarded across multiple hops, it is possible for
a malicious downstream SIP entity to tamper with the accrued values
in the Via header field. The malicious SIP entity could place a
value, or change an existing value in a "keep" parameter in any of
the Via header field values -- not just the topmost value. A proxy
implementation that simply forwards responses by stripping the
topmost Via header field value and not inspecting the resulting new
topmost Via header field value risks being adversely affected by such
a malicious downstream SIP entity. In particular, such a proxy may
start receiving STUN requests if it blindly forwards a response with
a "keep" parameter with a value it did not create in the topmost Via
header field.
To lower the chances of the malicious SIP entity's actions having
adverse effects on such proxies, when a SIP entity sends STUN keep-
alives to an adjacent downstream SIP entity and does not receive a
response to those STUN messages (as described in Section 7.2.1 of
RFC 5389 [RFC5389], it MUST stop sending keep-alives for the
remaining duration of the dialog (if the sending of keep-alives were
negotiated for a dialog) or until the sending of keep-alives is
re-negotiated for the registration (if the sending keep-alives were
negotiated for a registration).
Apart from the issues described above, this specification does not
introduce security considerations in addition to those specified for
keep-alives in [RFC5626].
11. Acknowledgements
Thanks to Staffan Blau, Francois Audet, Hadriel Kaplan, Sean
Schneyer, and Milo Orsic for their comments on the initial draft
version of this document. Thanks to Juha Heinanen, Jiri Kuthan, Dean
Willis, John Elwell, Paul Kyzivat, Peter Musgrave, Dale Worley, Adam
Roach, and Robert Sparks for their comments on the sipcore mailing
list. Thanks to Vijay Gurbani for providing text about the
relationship with the connect reuse specification.
Holmberg Standards Track [Page 16]
^L
RFC 6223 Keep-Alive April 2011
12. References
12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[RFC5234] Crocker, D., Ed., and P. Overell, "Augmented BNF for
Syntax Specifications: ABNF", STD 68, RFC 5234,
January 2008.
[RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing,
"Session Traversal Utilities for NAT (STUN)", RFC 5389,
October 2008.
[RFC5626] Jennings, C., Ed., Mahy, R., Ed., and F. Audet, Ed.,
"Managing Client-Initiated Connections in the Session
Initiation Protocol (SIP)", RFC 5626, October 2009.
12.2. Informative References
[RFC3968] Camarillo, G., "The Internet Assigned Number Authority
(IANA) Header Field Parameter Registry for the Session
Initiation Protocol (SIP)", BCP 98, RFC 3968,
December 2004.
[RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security", RFC 4347, April 2006.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008.
[RFC5923] Gurbani, V., Ed., Mahy, R., and B. Tate, "Connection Reuse
in the Session Initiation Protocol (SIP)", RFC 5923,
June 2010.
Holmberg Standards Track [Page 17]
^L
RFC 6223 Keep-Alive April 2011
Author's Address
Christer Holmberg
Ericsson
Hirsalantie 11
Jorvas 02420
Finland
EMail: christer.holmberg@ericsson.com
Holmberg Standards Track [Page 18]
^L
|
