A more practical test on SIP skills

If you have the answers you can send them to me. If you like to discuss these or some other questions send me email with your suggestions/comments. I will keep this updating so feel free to visit again. New questions will be added at the end.

  1. Why is SIP Via header needed? Why should the response traverse the same path as the request for SIP messages?
    Via header is needed so that response can traverse the reverse request path. The response needs to traverse the reverse request path, so that intermediate proxies implement reliability state machine for INVITE and filter responses for forking proxies. If response is sent directly from final destination to original source, it might not reach the original source due to NAT and firewall issues.
  2. Do you need to define a new SIP extension to implement a SIP based conferencing server? Justify.
    No. A conference server can be a SIP user agent to receive or send call invitations, and bridge the media path.
  3. What are the advantages of using SIP on TCP as compared to SIP on UDP? What are the disadvantages?
    SIP on TCP: large message bodies, requirement for secure TLS or "sips", but requires overhead of connection. SIP on UDP: stateless and fast, especially for intermediate proxies, but breaks due to NAT and firewall with large message bodies, and easily prone to spoofed requests causing DoS.
  4. Why is the ACK needed for the SIP INVITE exchange? Why is not needed for BYE? What is the motivation behind the new SIP method, PRACK. A new method REFER is used to transfer the call to a new location. What would you suggest as the retransmission mechanism for REFER.
    Unlike other SIP requests, a SIP INVITE's retransmission stops after receiving a provisional response. This is to avoid retransmitting, because the time between a phone ringing and a user picking up the phone can be too high. To make sure that the final response is delivered, the final response is retransmitted. To stop the retransmission of final response, the caller sends an ACK. In case of BYE and other requests, the reliability is done by retransmitting the request, even after a provisional response is received. For early media, the provisional response needs to be reliably delivered, hence is retransmitted until acknowledged by a PRACK request. TBD: REFER.
  5. If you send a multicast INVITE, how many final responses will you get? (no final response; only one final response; responses from whoever receives INVITE request; responses from whoever wants to accept the INVITE request)
    In RFC 3261, a SIP user agent MAY listen to multicast address to be aware of other users in the location, but do not respond to multicast requests. However, if the SIP devices treat them as UDP requests, it is possble to receive zero or more responses from whoever receives INVITE request. In this case the the UAC treats the first response as valid, and others are retransmissions (section 17.1.3).
  6. Consider a variation of an echo server, A echo SIP server, that sends back the message. If your useragent sends an INVITE to the server it sends back the same INVITE to your user agent. What will your user agent ideally respond with if you want to accept the call if at all possible? Assume that the echo server does not modify the request or response in any way. (2xx/3xx/4xx/6xx/6xx)
    Ideally, you would respond with "482 Loop Detected".
  7. Is it possible for a user agent to send a message with request line "INVITE sip:128.59.19.61 SIP/2.0". Is it possible for a user agent to receive such a request? (yes or no)
    Ideally, a UAC would not send such a request. But a UAS may have registered its Contact as this URI, hence may receive such as request routed via a proxy.
  8. What are the problems in sending media also as part of the SIP message. Consider defining a new method RTPDATA, and headers like RTP-Timestamp, etc., and sending audio payload in the message body of the request?
    Bandwidth will be too high. It will provide unwanted reliability due to SIP retransmission hence more delay. It will have more delay due to the path through all the proxies. Note that SIP can have binary message body, hence that is not really a reason.
  9. You send a message to a sipua on UDP and it works fine, you get the response. But on TCP the server does not send any response back, not even a 1xx. You are been told that the server behaviour is correct. What would you suspect the problem is in your INVITE message from sipua. The message format is the same for both UDP and TCP. (Hint: Which Header is missing?)
    The Content-Length header determines the size of message body. In case of UDP, a robust implementation can assume that whole packet is the SIP message if the Content-Length is missing. This assumption does not apply to TCP. Hence a missing or malformed Content-Length header would be a informed guess.
  10. Is it possible for a user agent to send a SIP INVITE with same request URI and From. Is it possible to receive such a message. (yes or no)
  11. Consider an hacked SIP proxy server that intentionally introduces loops. This server, when it receives an INVITE with Via:office.com, and request URI:bob@home.com, proxies the INVITE to the server at office.com with request URI:bob1@home.com. When request URI is bob{n}@home.com it proxies to bob{n+1}@home.com. Does SIP have mechanism to counter such attacks?
    This attack is possible because a proxy routes requests that are not meant for it. Note that loop detection using Via header cannot be used to counter the attack because request URIs are different. The Max-Forwards header can be used to prevent loop, assuming that the hacked proxy correctly handles this header. Another way is to disable routing requests for which the proxy does not recognize the request-URI and the From header.
  12. A new method in SIP is proposed, MEETING. This method requests all the recipients to join in a conferences specified by the message body/SDP. The inventor claims that all the people in a group can register under one name, e.g., irt-meeting@office.com, and when someone sends a MEETING to this URI, eveyone receives the forked message and can join the conference. Why will this not work? Will INVITE work instead of MEETING?
    No, because proxies perform forking behavior only for INVITE. It does not work for INVITE also, because only one branch of forked request will be successful, and others will be cancelled by the proxy.
  13. What should be the registrar's capacity (request/second) to handle a hundred thousand subscribers/registered users, with registration refresh time as one hour and nonce for digest authentication valid for three hours.
    Every three hours, each user will generate 1+3=4 REGISTER requests. So hundred thousand users will generate 4*100000/3*60*60 = 37 requests/second at the registrar, which should be its minimum capacity. In practice, it should be many times more than this to handle unexpected spike of requests, e.g., restarting the server after significant downtime will cause all users to quickly register.
  14. Some primitive implementation of hardware SIP phones have one user id and password that they use for both digest and basic authentication, for REGISTER and INVITE. That makes a spurious UAS easy to request for basic authorization credentials on an INVITE, and get to know the password. What is the best way to prevent such attacks? Should basic authentication be discouraged? should REGISTER and INVITE use different passwords and userid?
    SIP discourages Basic authentication, and only Digest is used. Using separate passwords for REGISTER and INVITE causes unnecessary complexity. Using separate userid for REGISTER and INVITE does not work well for authenticated call routing. The best solution is to disable Basic authentication at UAC. Alternatively, the UAC should warn the user if it is using the Basic authentication for calls.
  15. Assuming a probability p of packet drop what is the estimated call setup time for a SIP call using UDP. The call setup time is the time when the initial INVITE request is sent to the time when the final response (200, 300, etc) is received. No need to worry about ACK. Assume a round trip time of 2d between the endpoints (i.e., time delay of d for packet transmission from one endpoint to other and vice-versa). All call setup calculation should be done for the caller side, assuming that the call is established when the caller received the final response. How will the estimated value differ for the callee side if you assume that the call is established for the callee when it received the ACK.
  16. One reason to use Via header is to prevent infinite looping. Every proxy can check if it is there in the Via, and if yes, the message was earlier proxied by this proxy and now its coming back (looped). Given that IP has TTL that prevents infinite looping, is Via still needed to prevent loops? What is the advantage of Max-Forwards header over Via in preventing loops?
    Yes, you still need Via, because one proxy sends message to another proxy at application layer, by building a new packet (transport and IP layer), and hence sets the TTL to the initial high value instead of decrementing from received IP packet. Detecting loops using Via header is CPU Intensive, hence expensive, at high speed proxies, hence Max-Forwards allows you to have a fallback loop prevention.
  17. One thing often confused in IP telephony is the path taken by the signaling and media packets. Discuss the advantages and disadvantages of using the same path for signaling and media in IP telephony. Path taken here is the set of routers, and/or application level proxies between the two talking end-points. mention at least one advantage and one disadvantage. What are the mechanisms to carry DTMF signals in a SIP based IP telephony call?
    Advantage of same signaling and media path is that it simplifies the protocol and ensures easy firewall and NAT traversal. Disadvantage is that it introduces unnecessary latency and transport constraints on media path, if signaling path is via multiple proxies or on TCP. Advantage of different signaling and media path is that it de-couples the two, and is more efficient. The disadvantage is that it requires additional work to get around NAT and firewall. In a SIP based IP telephony calls, DTMF signals may be carried as (1) embedded audio, in which case the low bandwidth codecs distort the signal, causing problems in recognization at the receiving end, (2) special RTP packet as per RFC 2833 and signalled as telephone-event media type, or (3) SIP INFO request containing message body describing the signal. The option (2) is preferred, since it avoids the signaling path.
  18. Can you implement an IP telephony call using RTSP, such that RTSP sessions are established in both directions. Users are identified using RTSP URLs like rtsp://user@domain/ What are the problem in this approach?
    Yes, partially. Since RTSP allows both record and playback of real-time media stream, you can have the user publish his own stream, e.g., rtsp://caller@domain/123, and play other person's stream, e.g., rtsp://callee@domain/123, and vice-versa for the other person. Timing the play after publish, you can also do end-to-end media path. The problem is that it does not handle call signaling (ringing of phone only when the other party calls), call routing, e.g., proxy, redirect, forking, etc, and offer/answer session negotiation.
  19. Write pseudo code for a SIP application level gateway. You can assume that you are provided with whatever API needed from SIP library or firewall. What modification do you need in this pseudo code such that it works for NAT also. (Note that NAT is transparent for the host inside the domain, whereas firewall proxy's address and port needs to be specified in the user agent).
  20. Is it possible that a caller receives multiple 200-responses for an outgoing INVITE due to forking proxy? If yes, how does the caller (or the callee?) handle such cases? If not, why?
    Yes. A forking proxy sends a CANCEL to other unterminated branches when it receives a 200-response, and deletes the original transaction state. However, a race condition may cause second receiving device to send 200-response, before it receives the CANCEL. The proxy must forward any 200-response upstream, otherwise the caller cannot send ACK to terminate its retransmissions. The caller should explicitly terminate the second call leg by sending a BYE.
  21. What is the advantage (if any) of end-to-end ACK as compared to ACK routed through the same path as the initial INVITE? Is there any disadvantage?
    Advantage of end-to-end ACK is that it reduces the number of messages to proxies. Disadvantage is that it is an exception rather than a rule hence adds complexity, because ACK for failure response still needs to be hop-by-hop. Another problem could be that for end-to-end ACK the final destination may not be directly reachable from the original source due to NAT and firewall.