List Info

Thread: Re: WGLC: draft-ietf-sip-connect-reuse-08.txt
Re: WGLC: draft-ietf-sip-connect-reuse-08.txt
country flaguser name
United States		 2007-11-26 13:43:59 
Hadriel Kaplan wrote:
> I think you're talking past each other.  Your original
statement did
>  not specify their listen ports would be different.

Yes, Hadriel is accurate in pointing that out.

> If they're not different, ie if both domains end up
pointing to the 
> same IP+port on the server, then they are the same
server, which just
> happens to be servicing multiple domains, and sending
to the same 
> connection is fine.

...but fraught with peril, though.  Technically this is
feasible,
because there is enough information in the signaling to
allow
routing to the right virtual server (I think.)  HTTP uses
the Host
header to allow the virtual server to distinguish different
domains.  The SIP equivalent is the domain name in the R-URI
or
topmost Route header; the domain in one of these URIs should
point
to the right virtual domain.

Now, whether we should be actively encouraging this over TCP
is
another question.  Note that over TLS, we do not.  That is,
if red.com opens a TLS connection to example.com, then
red.com's
identity (sip:red.com) is saved in the alias table.  Thus,
when example.com sends a request to blue.com, even though
rfc3263 resolution will result in the same IP+port, the
earlier
connection will not be reused because the identity does not
match (i.e., sip:red.com != sip:blue.com).

> If they're the same IP but different ports, such that
SRV resolves
> example.com to port 5060 and blue.com to 5070, for
example, then you
   ^^^^^^^^^^^ red.com
> shouldn't send to both domains on the same connection -
because they
> may well be two different processes, and example.com
could lie and
                                            ^^^^^^^^^^^
red.com
> take over blue.com's requests.

Right.  That is what I was worried about.

- vijay
-- 
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
2701 Lucent Lane, Rm. 9F-546, Lisle, Illinois 60532 (USA)
Email: vkg{alcatel-lucent.com,bell-labs.com,acm.org}
WWW:   http://www.al
catel-lucent.com/bell-labs


_______________________________________________
Sip mailing list  https://ww
w1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementorscs.columbia.edu for questions on current
sip
Use sippingietf.org for new developments on the application of
sip
Re: WGLC: draft-ietf-sip-connect-reuse-08.txt
user name
 2007-11-26 22:53:24 
   From: "Vijay K. Gurbani" <vkgalcatel-lucent.com>

   > If they're not different, ie if both domains end up
pointing to the 
   > same IP+port on the server, then they are the same
server, which just
   > happens to be servicing multiple domains, and
sending to the same 
   > connection is fine.

   ...but fraught with peril, though.  Technically this is
feasible,
   because there is enough information in the signaling to
allow
   routing to the right virtual server (I think.)

Actually, in SIP there isn't peril, because SIP is carefully
designed
so that the destination is coded absolutely in the SIP
request; no
contextual information is needed (in the usual cases) to get
the
message to its destination.

Dale


_______________________________________________
Sip mailing list  https://ww
w1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementorscs.columbia.edu for questions on current
sip
Use sippingietf.org for new developments on the application of
sip
[1-2]

about | contact  Other archives ( Real Estate discussion Medical topics )