Chair for Computer Networks & Internet Wilhelm-Schickard-Institute for Computer Science University of Tübingen A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services Ali Fessi, Heiko Niedermayer, Holger Kinkelin, Georg Carle IPTComm 2007, 19 th -20 th July, New York, USA

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 2 Overview  Motivation  Properties of server-based SIP networks  Properties of P2P-based SIP networks  Our solution for SIP reliability: Cooperative SIP (CoSIP)  CoSIP Overview  Sample Applications  Implementation  Evaluation:  Improving reliability and security with CoSIP  Initial functional tests results  Conclusions

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 3 Motivation  Some open issues with VoIP still need to be solved  reliability, security, QoS, SPIT, etc.  Users are used to the nearly 100% reliable PSTN  Good news:  Peer-to-peer (P2P) networks provide higher reliability  Bad news:  P2P network have also their bad side Security in P2P networks is much harder to cope with due to decentralization  Goals  How can we make SIP networks more reliable?  How can we benefit from the advantages of both architectures server vs. P2P

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 4 Properties of Server-based SIP Networks Sufficient security mechanisms UA authentication Integrity and confidentiality High lookup performance of SIP URI O(1) messages  Complex service infrastructure SIP proxies, registrars, AAA servers, location database, DNS server, routers, etc  Network and service failures may propagate quickly  Server infrastructures are vulnerable to DoS attacks

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 5 Properties of P2P-SIP Networks Self-organization  Recoverability from local failures Robustness against DoS attacks  P2P network can also survive under difficult conditions Scalability  Lookup performance of the Contact URI in a DHT in the avg case: O( log ( N ) ) messages; N is the number of peers  Several security issues can not be solved in pure P2P network  Attacks on the routing of lookup requests  Attacks on the content of the P2P network  Sybil attacks, partitioning attacks, etc.  Open P2P-SIP networks are an invitation for SPIT!

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 6 Cooperative SIP (CoSIP)  Basic idea  Design a hybrid architecture that benefits from the advantages of both server-based and P2P-based SIP networks  SIP User Agents organize themselves into a P2P network  SIP infrastructure and SIP User Agents cooperate in order to provide the best service  Cooperative SIP architecture: CoSIP  Improve reliability, survivability, security and lookup performance

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 7 CoSIP: UA Registration REGISTER put(H(SIP_URI), Contact_URI)  A SIP UA is registered to the SIP infrastructure as well as to the DHT  Use REGISTER for registration to the infrastructure  Use put for the registration to the DHT: put (H(SIP_URI), Contact_URI)

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 8 CoSIP: Session Establishment INVITE get(SIP_URI) Contact_URI INVITE 200 OK Session  Signaling to the SIP infrastructure with INVITE  In parallel: resolve the Contact-URI in the DHT with a get get (H(SIP_URI)) = Contact_URI  Server does not answer or DHT is faster?  use the Contact-URI provided by the DHT lookup  perform direct signaling to the peer  Lookup performance  under normal conditions: O(1) messages  in case of failures of the infrastructure: O( log ( N ) ) messages;

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 9 CoSIP Sample Applications  Large enterprise/ academic SIP networks with e.g k-users  CoSIP can be used to bridge  network and service failures  maintenance downtimes CoSIP-enabled SIP Network

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 10 CoSIP Sample Applications (2)  CoSIP adapter/ proxy in DSL routers  CoSIP adapters organize themselves into a P2P network DSL Router with a CoSIP adapter / CoSIP proxy Small Office and Home Network (SOHO) Internet/VoIP Provider SOHO

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 11 Implementation of CoSIP as an external Proxy Application  The CoSIP proxy is an adapter to connect regular SIP UA  CoSIP Proxy communicates with the SIP infrastructure and the P2P network  DHT: Bamboo/ Pastry  Formal specification of the “CoSIP” protocol with SDL  Programming language: Python  When the SIP infrastructure fails: P2P signaling between the CoSIP proxies SIP Express Router (SER)

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 12 Specification of CoSIP - Goody  State machines „switchable“ to different modes 1.Cooperative mode (DHT + SIP server) 2.DHT-only mode (basically P2P-SIP with Bamboo as a DHT) 3.Server-only mode  DHT-only mode successfully tested with OpenDHT

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 13 SIP UA running with CoSIP Proxy in the background

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 14 Evaluation  Improving reliability with CoSIP  P2P network provide high reliability and self-organization Local failures can be recovered autonomically by neighboring peers  Data is replicated on a set of nodes (replica set)  Even large failures affect only a part of the network  In the ideal case (uncorrelated failures), the probability of a service failure with CoSIP would be:  CoSIP provides even better reliability and survivability than  P2P-SIP networks  server-based SIP networks

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 15 Evaluation  Improving security with CoSIP  Managing security in large P2P-SIP networks is not possible without central severs  However, PKI / CA is not enough  A CA is not able to detect an attack in the P2P network and shut down the attacker  A security solution for P2PSIP requires more SIP specific knowledge knowledge about the P2P network  CoSIP servers can provide Identity Management for the P2P-SIP network  CoSIP servers can make sure that peers in the P2P-SIP network behave well  How can you provide Intrusion Detection in a large P2P network?  a “CoSIP server” can help to do this job  More work is still required on this topic

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 16 Evaluation  Initial tests have been run on PlanetLab  Each used PlanetLab node hosts  a SIP UA  a CoSIP proxy  a Bamboo DHT node  High variance of the RTT on PlanetLab noticed  SIP server failure emulated  Successful recoverability from service failure  No interruption of service is noticed  Time required to establish a session between UAC and UAS increases slightly but is still acceptable  Performance results will be published soon

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 17 CoSIP: Summary  CoSIP provides a low-cost solution for significantly improving the reliability of SIP networks  Implementation  CoSIP as an external proxy application  compatible to existing SIP networks  Cooperative (server + DHT) as well as DHT-only mode possible  CoSIP is a hybrid architecture which provides better reliability, survivability, security and performance simultaneously  Could CoSIP be useful for catastrophic failures / emergency calls?  Future work  Integration of security mechanisms to CoSIP  Improve security of P2P-SIP  CoSIP is still a single domain concept  Peering of several domains with CoSIP  Improving geometry and routing in the DHT for higher connectivity in case of network failures

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 18 Questions / Discussion / Feedback

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 19 P2P-SIP  Basic idea: „SIP without server“  Registration:  Phase1: Node registration = P2P-SIP node “joins” the DHT  Phase 2: User registration = storing the Contact URI with SIP URI as lookup key in the DHT  Session establishment:  Resolving the SIP URI to a Contact URI using the DHT  Subsequent signaling can occur between the two peers Node registration User registration Session establishment

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 20 Evaluation - PlanetLab  Global research network  784 nodes  382 institutions  Con’s  Very variable performance and load of PlanetLab nodes  High variance in the RTT  Causes high variance in the measurement results  High instability and unreliability of the PlanetLab nodes  Upgrade PlanetLab 3.0 to 4.0  More than 50 nodes barely manageable

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 21 CoSIP State Machines  Formal specification of the CoSIP protocol using SDL  Logical separation between the state machines of different SIP UAs  The CoSIP proxy processes  requests from UA  messages from the server  messages from the DHT  timeouts for limiting the pending time  Events are processed FIFO SDL diagram for the processing of an INVITE message in state IDLE

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 22 CoSIP State Machines (2) High Level INVITE Session State Machine High Level REGISTER Session State Machine

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 23 Related Work  P2PSIP  Secure Overlay Services (SOS)  Resilient Overlay Networks (RON)  Skype  CoDNS

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 24 Overview Tesbed

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 25 OpenDHT  OpenDHT = Bamboo running on PlanetLab  publicly accessible  put  get  remove

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 26 CoSIP Implementation: Overview  Threading for transport of SIP messages and communication with the DHT  Event-based processing of  SIP messages  DHT messages  Timeouts  Events are processed FIFO  Programming language  Python  Platform independent (CoSIP tested with Linux / Windows)  Code size ca. 5 kLoC

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 27 SIP UA running with CoSIP Proxy in the background

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 28 Evaluation – Recovery from Service Interruption

A. Fessi, et al, “A Cooperative SIP Infrastructure for Highly Reliable Telecommunication Services“ 29 Evaluation (VI)