Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session Initiation Protocol (SIP) Common Log Format (CLF) Vijay K. Gurbani Bell Laboratories/Alcatel-Lucent 75 th IETF, Stockholm, Sweden July 26-31, 2009.

Published byMae Watkins Modified over 8 years ago

Similar presentations

Presentation on theme: "Session Initiation Protocol (SIP) Common Log Format (CLF) Vijay K. Gurbani Bell Laboratories/Alcatel-Lucent 75 th IETF, Stockholm, Sweden July 26-31, 2009."— Presentation transcript:

1 Session Initiation Protocol (SIP) Common Log Format (CLF) Vijay K. Gurbani Bell Laboratories/Alcatel-Lucent 75 th IETF, Stockholm, Sweden July 26-31, 2009

2 2 | July 2009 IETF | vkg@bell-labs.com Problem HTTP Common Log File format is used widely:... obviously, log access to resources. Perform trend analysis. Perform anomaly detection. Encourage third party tool developers. Troubleshooting. There isn't an analogous CLF format for SIP.

3 3 | July 2009 IETF | vkg@bell-labs.com Benefits of a SIP CLF Establishes a common reference for logging SIP messages across vendor/open-source implementations. Correlate SIP messages across transactions and dialogs. Easily search, merge, and summarize log records. Train anomaly detection systems to trigger alarms. Allow independent tool providers to provide innovative tools for trend analysis and traffic reports. Common diagnostic trail from testing of SIP equipment. Can be used for off-line analysis (trend analysis) as well as real-time analysis.

4 4 | July 2009 IETF | vkg@bell-labs.com Challenges in defining SIP CLF SIP is not a linear request-reply protocol HTTP is linear: pipelining okay, one request = one response. Complexity inherent in the protocol: Serial and parallel forking elicit multiple responses. Delays between getting a request and sending a response (outside of “long polling” in HTTP, servers respond quickly; not quite so in SIP. Impact on proxies.) Multiple transactions grouped in a dialog; dialog persists for a long time, transactions short-lived (e.g., BYE comes much later, but relation between INVITE and BYE should be preserved in a log file.)

5 5 | July 2009 IETF | vkg@bell-labs.com Challenges in defining SIP CLF ACK requests need careful considerations: Only tied to an INVITE. No responses for ACKs. For non-2xx, ACKs hop-by-hop (part of INVITE transaction.) For 2xx, ACK end-to-end. CANCEL requests need careful considerations: Only tied to an INVITE. Requires exactly one response. Is propagated hop-by-hop.

6 6 | July 2009 IETF | vkg@bell-labs.com Challenges in defining SIP CLF INVITE can pend, resulting in a 1xx response (200ms rule.) This 1xx response needs to be captured to train automata. SIP has a richer set of actors: UAS, UAC, B2BUA, proxy, registrar, redirect server,... Need to take SIP extensibility in account. Preserve user privacy in CLF (through anonymization, etc.)

7 7 | July 2009 IETF | vkg@bell-labs.com Progress so far Problem statement, motivation scenarios defined in http://tools.ietf.org/html/draft-gurbani-sipping-clf-01 Mailing list formed (sip-clf@ietf.org): https://www.ietf.org/mailman/listinfo/sip-clf Initial discussions on dispatch lead to proposal of chartering a working group; charter sent out by RAI AD (see http://www.ietf.org/mail-archive/web/sip-clf/current/msg00019.html) Much discussion has taken place on sip-clf mailing list.

8 8 | July 2009 IETF | vkg@bell-labs.com Progress so far An ASCII mapping defined in http://tools.ietf.org/html/draft- gurbani-sipping-clf-01 A binary mapping defined in http://tools.ietf.org/html/draft-roach-sipping-clf-syntax-01 A PCAP-compatible binary syntax defined in http://tools.ietf.org/html/draft-kaplan-sipping-clf-pcap-00

9 9 | July 2009 IETF | vkg@bell-labs.com WG-to-be charter In scope: WG to produce CLF suitable for logging at any SIP element, taking SIP’s extensibility model into consideration. WG not pre-constrained to producing either a bit- field oriented or text-oriented format, and may choose to provide both. If the group chooses to specify both, it must be possible to mechanically translate between the formats without loss of information.

10 10 | July 2009 IETF | vkg@bell-labs.com WG-to-be charter Out of scope: Specifying the mechanics of exchanging, transporting, and storing SIP Common Log Format records is explicitly out of scope. Specifying a real-time transfer mechanism for heuristic analysis is explicitly out of scope.

11 11 | July 2009 IETF | vkg@bell-labs.com WG-to-be charter Deliverables: A problem statement enunciating the motivation, and use cases for a SIP Common Log Format. This analysis will identify the required minimal information that must appear in any record. A specification of the SIP Common Log Format record.

12 12 | July 2009 IETF | vkg@bell-labs.com Next steps Create WG (token: RAI AD). Socialize work with other IETF WGs: opsarea syslog ipfix

Download ppt "Session Initiation Protocol (SIP) Common Log Format (CLF) Vijay K. Gurbani Bell Laboratories/Alcatel-Lucent 75 th IETF, Stockholm, Sweden July 26-31, 2009."

Similar presentations

Re-INVITE Handling draft-camarillo-sipping-reinvite-00.txt

Re-INVITE Handling draft-camarillo-sipping-reinvite-00.txt
SIP Session-ID draft-kaplan-sip-session-id-02 Hadriel Kaplan.

SIP Session-ID draft-kaplan-sip-session-id-02 Hadriel Kaplan.
Indication of support for keep- alive draft-holmberg-sip-keep-03 Christer Holmberg

Indication of support for keep- alive draft-holmberg-sip-keep-03 Christer Holmberg
SIP, Presence and Instant Messaging

SIP, Presence and Instant Messaging
SIP and Instant Messaging. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.

SIP and Instant Messaging. SIP Summit SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.
IMPP Update: SIP. www.dynamicsoft.com Spring PIM 2001 IMPP Update SIMPLE Group SIMPLE = SIP for Instant Messaging Leveraging Extensions BoF Session Held.

IMPP Update: SIP. Spring PIM 2001 IMPP Update SIMPLE Group SIMPLE = SIP for Instant Messaging Leveraging Extensions BoF Session Held.
SOAP.

SOAP.
July 20, 2000H.323/SIP1 Interworking Between SIP/SDP and H.323 Agenda Compare SIP/H.323 Problems in interworking Possible solutions Conclusion Q/A Kundan.

July 20, 2000H.323/SIP1 Interworking Between SIP/SDP and H.323 Agenda Compare SIP/H.323 Problems in interworking Possible solutions Conclusion Q/A Kundan.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Camarillo / Schulzrinne / Kantola November 26th, 2001 SIP over SCTP performance analysis

Camarillo / Schulzrinne / Kantola November 26th, 2001 SIP over SCTP performance analysis
Remote Call/Device Control IETF82, Dispatch WG, Taipei November 15, 2011 1 Rifaat Shekh-Yusef Cullen Jennings Alan Johnston.

Remote Call/Device Control IETF82, Dispatch WG, Taipei November 15, Rifaat Shekh-Yusef Cullen Jennings Alan Johnston.
January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.

January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.
Answers of Exercise 7 1. Explain what are the connection-oriented communication and the connectionless communication. Give some examples for each of the.

Answers of Exercise 7 1. Explain what are the connection-oriented communication and the connectionless communication. Give some examples for each of the.
SIP Performance Benchmarking draft-ietf-bmwg-sip-bench-term-04 draft-ietf-bmwg-sip-bench-meth-04 August 2, 2012 Prof. Carol Davids, Illinois Inst. of Tech.

SIP Performance Benchmarking draft-ietf-bmwg-sip-bench-term-04 draft-ietf-bmwg-sip-bench-meth-04 August 2, 2012 Prof. Carol Davids, Illinois Inst. of Tech.
UNCW UNCW SIGGRAPH 2002 Topic #3: Continuous Media in Wired and Wireless Environments Ronald J. Vetter Department of Computer Science University of North.

UNCW UNCW SIGGRAPH 2002 Topic #3: Continuous Media in Wired and Wireless Environments Ronald J. Vetter Department of Computer Science University of North.
Session Initiation Protocol (SIP) By: Zhixin Chen.

Session Initiation Protocol (SIP) By: Zhixin Chen.
Chapter 6: Distributed Applications Business Data Communications, 5e.

Chapter 6: Distributed Applications Business Data Communications, 5e.
12/05/2000CS590F, Purdue University1 Sip Implementation Protocol Presented By: Sanjay Agrawal Sambhrama Mundkur.

12/05/2000CS590F, Purdue University1 Sip Implementation Protocol Presented By: Sanjay Agrawal Sambhrama Mundkur.
SIP, Session Initiation Protocol Internet Draft, IETF, RFC 2543.

SIP, Session Initiation Protocol Internet Draft, IETF, RFC 2543.
TCP: Software for Reliable Communication. Spring 2002Computer Networks Applications Internet: a Collection of Disparate Networks Different goals: Speed,

TCP: Software for Reliable Communication. Spring 2002Computer Networks Applications Internet: a Collection of Disparate Networks Different goals: Speed,

Similar presentations

Ads by Google