draft-ietf-mmusic-sdp-comedia-05.txt   draft-ietf-mmusic-sdp-comedia-06.txt 
INTERNET-DRAFT D. Yon MMUSIC Working Group D. Yon
Document: draft-ietf-mmusic-sdp-comedia-05.txt Dialout.Net Internet-Draft Dialout.Net, Inc
Expires September 2003 March 2003 Expires: November 12, 2004 G. Camarillo
Ericsson
May 14, 2004
Connection-Oriented Media Transport in SDP Connection-Oriented Media Transport in the Session Description
<draft-ietf-mmusic-sdp-comedia-05.txt> Protocol (SDP)
draft-ietf-mmusic-sdp-comedia-06.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with By submitting this Internet-Draft, I certify that any applicable
all provisions of Section 10 of RFC2026. patent or other IPR claims of which I am aware have been disclosed,
and any of which I become aware will be disclosed, in accordance with
RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that other
other groups may also distribute working documents as Internet- groups may also distribute working documents as Internet-Drafts.
Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six months
months and may be updated, replaced, or obsoleted by other documents and may be updated, replaced, or obsoleted by other documents at any
at any time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at: The list of current Internet-Drafts can be accessed at http://
http://www.ietf.org/ietf/1id-abstracts.txt www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at: The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Copyright (C) The Internet Society (2002). All Rights Reserved. This Internet-Draft will expire on November 12, 2004.
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract Abstract
This document describes how to express media transport over This document describes how to express media transport over
connection-oriented protocols using the Session Description Protocol connection-oriented protocols using the Session Description Protocol
(SDP). It defines two new protocol identifiers: TCP and TLS. It (SDP). It defines two new protocol identifiers: TCP and TCP/TLS. It
also defines the syntax and semantics for an SDP "direction" also defines the SDP setup attribute, which describes the connection
attribute that describes the connection setup procedure. setup procedure, and the SDP reconnect attribute.
Yon 1 Table of Contents
1 Introduction 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Protocol Identifiers . . . . . . . . . . . . . . . . . . . . . 3
3.1 TCP . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.2 TCP/TLS . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Setup Attribute . . . . . . . . . . . . . . . . . . . . . . . 4
4.1 The Setup Attribute in the Offer/answer Model . . . . . . 4
4.2 Multiple-Connection Avoidance when Using Actpass . . . . . 5
5. The Reconnect Attribute . . . . . . . . . . . . . . . . . . . 6
6. Connection Lifetime . . . . . . . . . . . . . . . . . . . . . 7
6.1 Session Renegotiation . . . . . . . . . . . . . . . . . . 7
7. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.1 Passive/Active . . . . . . . . . . . . . . . . . . . . . . 8
7.2 Passive/Active with Reconnect . . . . . . . . . . . . . . 9
7.3 Actpass . . . . . . . . . . . . . . . . . . . . . . . . . 9
8. Security Considerations . . . . . . . . . . . . . . . . . . . 10
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
11.1 Normative References . . . . . . . . . . . . . . . . . . . . 11
11.2 Informational References . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 12
Intellectual Property and Copyright Statements . . . . . . . . 13
The Session Description Protocol [SDP] provides a general-purpose 1. Introduction
The Session Description Protocol [4] provides a general-purpose
format for describing multimedia sessions in announcements or format for describing multimedia sessions in announcements or
invitations. SDP uses an entirely textual data format (the US-ASCII invitations. SDP uses an entirely textual data format (the US-ASCII
subset of [UTF-8]) to maximize portability among transports. SDP subset of UTF-8 [6]) to maximize portability among transports. SDP
does not define a protocol, but only the syntax to describe a does not define a protocol, but only the syntax to describe a
multimedia session with sufficient information to discover and multimedia session with sufficient information to participate in that
participate in that session. Session descriptions may be sent using session. Session descriptions may be sent using arbitrary existing
arbitrary existing application protocols for transport (e.g., SAP, application protocols for transport (e.g., SAP [9], SIP [10], RTSP
SIP, RTSP, email, HTTP, etc.). [7], email, HTTP [8], etc.).
[SDP] describes two protocol identifiers: RTP/AVP and UDP, both of SDP [4] defines two protocol identifiers: RTP/AVP and UDP, both of
which are unreliable, connectionless protocols, an appropriate which represent unreliable connectionless protocols. While these
choice for multimedia streams. There are, however, applications for transports are appropriate choices for multimedia streams, there are
which the connection-oriented transports such as TCP are more applications for which connection-oriented transports such as TCP are
appropriate, but [SDP] provides no way to describe a session that more appropriate. We define two new protocol identifiers: TCP and
uses protocols other than RTP or UDP. TCP/TLS. Both represent connection-oriented reliable transports.
Connection-oriented protocols introduce a new factor when describing Connection-oriented protocols introduce a new factor when describing
a session: not only must it be possible to express that a protocol a session: how should end points perform the connection setup
will be based on this protocol, but it must also describe the procedure. We define two new attributes to describe connection setup:
connection setup procedure. This memo defines two new protocol setup and reconnect.
identifiers, TCP and TLS, along with the syntax and semantics of the
a=direction and a=reconnect attributes.
2 Terminology 2. Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED", In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
and "OPTIONAL" are to be interpreted as described in RFC 2119 [7] RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
and indicate requirement levels for compliant implementations. described in BCP 14, RFC 2119 [2] and indicate requirement levels for
compliant implementations.
3 Protocol Identifiers
The m= line in [SDP] is where an endpoint specifies the protocol
used for the media in the session. See the "Media Announcements"
section of [SDP] for a discussion on protocol identifiers.
3.1 TCP
The TCP protocol identifier is similar to the UDP protocol
identifier in that it only describes the transport protocol without
any connotation as to the upper-layer protocol. An m= line that
specifies "TCP" MUST further qualify the protocol using a fmt
identifier (see [SDP] Appendix B).
3.2 TLS
The TLS protocol identifier specifies that the session will use the
Transport Layer Security protocol [TLS] with an implied transport
protocol of TCP. To describe a media session that uses TLS over
TCP, the protocol identifier "TLS" must be specified in the m= line.
Yon INTERNET-DRAFT - Expires September 2003 2
An m= line that specifies TLS MUST further qualify the protocol
using a fmt identifier.
4 Direction Attribute
An important attribute of connection-oriented protocols is the setup
procedure. One endpoint needs to initiate the connection and the
other endpoint needs to accept the connection. The direction
attribute is used to describe these roles, and the syntax is as
follows:
a=direction:<role>
The <role> is one of the following:
passive: The endpoint will accept an incoming connection.
active: The endpoint will initiate an outgoing connection.
both: The endpoint will both accept an incoming connection
and will initiate an outgoing connection.
4.1 Semantics of direction:passive
By specifying direction:passive, the endpoint indicates that the
port number specified in the m= line is available to accept a
connection from the other endpoint.
4.2 Semantics of direction:active
By specifying direction:active, the endpoint indicates that it will
initiate a connection to the port number on the m= line of the other
endpoint. The port number on its own m= line is irrelevant, and the
opposite endpoint MUST NOT attempt to initiate a connection to the
port number specified there. Nevertheless, since the m= line must
contain a valid port number, the endpoint specifying
direction:active SHOULD specify a port number of 9 (the discard
port) on its m= line. The endpoint MUST NOT specify a port number
of zero, as that carries other semantics in [SDP]. The following
SDP fragment shows an example of direction:active:
c=IN IP4 10.1.1.1 3. Protocol Identifiers
m=image 9 TCP t38
a=direction:active IN IP4
4.3 Semantics of direction:both The following is the ABNF for an m= line, as specified by RFC 2327
[4].
By specifying direction:both, the endpoint indicates that it will media-field = "m=" media space port ["/" integer]
both accept a TCP connection on the port number of its own m= line, space proto 1*(space fmt) CRLF
and that it will also initiate a connection to the port number on
the m= line of the other endpoint.
Yon INTERNET-DRAFT - Expires September 2003 3 We define two new values for the proto field: TCP and TCP/TLS.
Since this attribute describes behavior that is similar to
connectionless media descriptions in [SDP], it is the default value
for the direction attribute and is therefore optional.
Endpoints may choose to specify direction:both for one or more of 3.1 TCP
the following reasons:
1) The endpoint has no preference as to whether it accepts or The TCP protocol identifier is similar to the UDP protocol identifier
initiates the connection, and therefore is offering the remote in that it only describes the transport protocol, and not the
endpoint a choice of connection setup procedures. upper-layer protocol. An m= line that specifies "TCP" MUST further
qualify the application-layer protocol using an fmt identifier.
2) The endpoints intend to use a single connection to transport Media lines with the TCP protocol identifier are carried using TCP
the media, but it is not known whether firewall issues will [1].
prevent either endpoint from initiating or accepting the
connection. Therefore both endpoints will attempt to initiate
a connection in hopes that at least one will succeed.
If one endpoint specifies either direction:active or 3.2 TCP/TLS
direction:passive and the other specifies direction:both, both
endpoints MUST behave as if the latter had specified the inverse
direction of the former. For example, specifying direction:both
when the other endpoint specifies direction:active SHALL cause both
endpoints to behave as if the former had specified
direction:passive. Conversely, specifying direction:both when the
other endpoint specifies direction:passive SHALL cause both
endpoints to behave as if the former had specified direction:active.
If both endpoints specify direction:both then each endpoint MUST The TCP/TLS protocol identifier specifies that the session will use
initiate a connection to the port number specified on the m= line of the Transport Layer Security (TLS) protocol [3] on top on a TCP [1]
the opposite endpoint. There is one exception to this requirement: connection.
if an endpoint receives the incoming connection from the opposite
endpoint prior to initiating its own outbound connection, then that
endpoint MAY use that connection rather than attempt to make an
outbound connection to the opposite endpoint.
If only one connection succeeds, then that connection will be used An m= line that contain the TCP/TLS protocol identifier MUST further
to carry the media. Once it has transmitted data on this qualify the protocol using a fmt identifier.
connection, the initiating endpoint MUST NOT perform another
connection attempt to the accepting endpoint. This allows the
accepting endpoint to release or recycle the listening port for
another session once it has received data from the initiating
endpoint.
If both connections succeed, the following rules SHALL apply: 4. Setup Attribute
a) Each endpoint MUST accept data from either connection. The setup attribute indicates which of the end points should initiate
the connection establishment (e.g., send the initial TCP SYN). The
setup attribute is charset-independent and can be a session-level or
a media-level attribute. The following is the ABNF of the setup
attribute:
b) Once an endpoint has transmitted data to one of the connections, setup-attr = "a=setup:" role
it MUST use that connection exclusively for transmission. role = "active" / "passive" / "actpass"
c) Once an endpoint has transmitted AND received data, if one of the Active: The endpoint will initiate an outgoing connection.
connections is determined to be idle, the endpoint SHOULD close Passive: The endpoint will accept an incoming connection.
the idle connection. ActPass: The endpoint will both accept an incoming connection and
will initiate an outgoing connection.
Yon INTERNET-DRAFT - Expires September 2003 4 The default value of the setup attribute is actpass. That is, an m=
line without an associated setup line is considered to be actpass.
4.4 Optimizing direction:both 4.1 The Setup Attribute in the Offer/answer Model
As discussed in the previous section, there is the possibility that The offer/answer model, defined in RFC 3264 [5], provides endpoints
two connections will be created when only one is needed. While with a means to obtain shared view of a session. Some session
rules in the previous section accommodate the closing of an idle parameters are negotiated (e.g., codecs to use), while others are
connection, they do not prevent a race condition where the endpoints simply communicated from one endpoint to the other (e.g., IP
simultaneously start sending data on opposite connections thereby addresses). The value of the setup attribute falls into the first
causing two connections to be used where one would have sufficed. category. That is, both endpoints negotiate its value using the
While it is not possible to entirely eliminate this race condition, offer/answer model.
it is in the endpoints' interest to minimize its occurrence.
Therefore, when a session is negotiated through interactive exchange
of SDP between endpoints (as in the case of SIP) AND the result of
the negotiation is that each endpoint specifies direction:both, it
is RECOMMENDED that the endpoints use the following guidelines:
a) There comes a point during the exchange of SDP where one endpoint The negotiation of the value of the setup attribute takes places as
is prepared to send the final message that will complete the follows. The offerer states which role or roles is willing to perform
negotiation and allow the session to begin. For the purposes of and the answerer, taking the offerer's willingness into
this discussion, the endpoint that will send this final message consideration, chooses which roles both endpoints will actually
will be called the Initiator, and the endpoint that will receive perform during connection establishment. The following are the values
this message will be called the Acceptor. that the setup attribute can take in an offer/answer exchange:
b) The Initiator, upon receiving sufficient information to initiate a Offer Answer
connection, MUST attempt to connect to the Acceptor as soon as _______________
possible. active passive
passive active
actpass active / passive / actpass
c) In order to lower the likelihood that the Acceptor will also The value active indicates that the endpoint SHOULD initiate a
attempt to initiate a connection, the Initiator SHOULD incorporate connection to the port number on the m= line of the other endpoint.
a short delay between initiating the connection and sending the The port number on its own m= line is irrelevant, and the opposite
final SDP to the Acceptor. endpoint MUST NOT attempt to initiate a connection to the port number
specified there. Nevertheless, since the m= line must contain a valid
port number, the endpoint specifying using the value active SHOULD
specify a port number of 9 (the discard port) on its m= line. The
endpoint MUST NOT specify a port number of zero, as that carries
other semantics in SDP.
d) The delay time chosen by the Initiator MUST NOT introduce an The value passive indicates that the endpoint SHOULD be ready to
unacceptable session setup delay should the connection to the accept a connection on the port number specified in the m= line.
Acceptor not succeed.
4.5 Bidirectional versus Unidirectional Media The value actpass indicates that the endpoint SHOULD initiate a
connection to the port number on the m= line of the other endpoint
and that the endpoint SHOULD be ready to accept a connection on the
port number specified in the m= line. It is RECOMMENDED that, if
possible, endpoints set the port number on their m= line to the
source port number which they will use to establish the connection
towards the remote endpoint. This way, the transport-layer protocol
(e.g., TCP) can take care of simultaneous opens.
In traditional SDP transport types the flow is unidirectional. If Endpoints typically use the actpass value for the following reasons:
the intent is for media to flow in both directions, both endpoints 1. The offerer has no preference as to whether it accepts or
must specify SDP that describes where to deliver the media and what initiates the connection and, so, is letting the answerer choose.
media type(s) to use. For example, if only Endpoint A presents SDP 2. The endpoints intend to use a single connection to transport the
then media can only flow towards Endpoint A, as Endpoint B has not media, but it is not known whether NAT (Network Address
specified where and how to send media to it. Translator) issues will prevent either endpoint from initiating
or accepting the connection. So, both endpoints will attempt to
initiate a connection hoping that at least one will succeed.
Because most connection-oriented media is inherently bi-directional, 4.2 Multiple-Connection Avoidance when Using Actpass
endpoints may encounter a situation where only one side presented
SDP yet there is now a network path that can carry media in either
direction. In keeping with traditional SDP semantics, an endpoint
MUST NOT send data to the other endpoint unless it has specified SDP
information describing the type of media it can accept.
It is, however, perfectly acceptable for an endpoint to transmit When an offer/answer exchange results in actpass, each endpoint
data on the same connection it is using to receive data, so long as attempts to establish a transport connection towards the other
endpoint. If only one of the connections succeeds, this connection is
used to transfer media. Nevertheless, if both connections succeed,
one of them needs to be terminated so that both endpoints exchange
data over a single connection. In this section, we provide rules to
choose which of the two connections should be terminated (or not even
initiated).
Yon INTERNET-DRAFT - Expires September 2003 5 First of all, if the endpoints follow the recommendation of setting
the other endpoint has advertised its willingness to accept data. the port number in their m= line to the source port number which they
Likewise, it is perfectly acceptable for an endpoint to receive data will use to establish the connection towards the remote endpoint, the
on the same connection it is using to transmit data to the transport layer should take care of simultaneous opens (at least if
corresponding remote endpoint. In other words, for a bi-directional TCP is the transport protocol). If, for some reason, any of the
application-level session, a connection may be used to send data in endpoints does not follow this recommendation, both endpoints should
both directions (contingent to rules outlined in Section 2.3) as follow the rules below.
long as one side of the connection is attached to either of the
advertised SDP transport addresses.
4.6 Treating UDP and RTP/AVP like Connection Oriented Media If an endpoint is notified about a connection establishment attempt
from the other endpoint before performing its own connection attempt,
it SHOULD behave as a passive endpoint and SHOULD NOT attempt to
establish any other connection.
Endpoints MAY specify a direction attribute for UDP or RTP/AVP In case two connections are established, if an endpoint receives data
media. This indicates that the endpoint would like to treat this (i.e., media) over one of the connections before having sent any data
media as a type of connection-oriented media. (The endpoint may do on any of the connections, the endpoint SHOULD terminate the
this to facilitate NAT traversal for example.) Note that for connection that has not carried any data.
backwards compatibility, an endpoint which can specify
direction:active MUST include valid addresses and ports in the SDP
as always. If the peer's SDP does not include a direction
attribute, it knows that the peer does not support connection-
oriented media, and media exchange will proceed normally, as if
connection-oriented media were not offered.
Endpoints that specify direction:passive MUST NOT send any media, When two connections are established and both endpoints start sending
any packets whatsoever (including control packets such as RTCP), data before receiving anything from the other endpoint, it may happen
from their passive ports until they receive a packet on these ports that each of the endpoints choose a different connection to send
and record the source address and port of the sender. The passive data. If the answerer receives data over a connection after having
endpoint then assumes that the first packet received corresponds to sent data on the other connection, it SHOULD continue sending data on
its active peer. From this point onward, passive endpoints MUST the other connection until an application-layer data boundary. At
send UDP or RTP media from the same port as the port indicated in that point, the answerer SHOULD terminate this connection and start
the m= line. Passive endpoints MUST send RTCP media (if any) from using the connection on which the offerer was sending data.
the port on which they expect to receive it (typically the RTP port
number plus 1).
Endpoints that specify direction:active MUST be prepared to receive Note that different applications may define application-layer
on the ports from which they send. Once they learn the IP address boundaries in different ways. A typical suitable point for the
and port of their peer from the peer's SDP, they SHOULD immediately answerer to change connections is the end of an application-layer
send some kind of media (even if just comfort noise) to each of message and the beginning of the next one.
these ports. This is so the peer can learn their IP address and
port, in order to send media back without additional delay.
Effectively, the exchange of the first media packet completes a bi-
directional handshake between the active and passive peer.
5 Reconnect Attribute 5. The Reconnect Attribute
The preceding description of the a=direction attribute has been in The preceding description of the setup attribute has been in the
the context of using SDP to initiate a session. However, SDP may be context of using SDP to initiate a session. Still, SDP may be
exchanged between endpoints at various stages of a session to exchanged between endpoints at various stages of a session to
accomplish tasks such as terminating a session, redirecting media to accomplish tasks such as terminating a session, redirecting media to
a new endpoint, renegotiating the media parameters for a session, a new endpoint, or renegotiating the media parameters for a session.
etc. After the initial session has been established, it may be After the initial session has been established, it may be ambiguous
ambiguous as to whether subsequent SDP exchange represents a as to whether subsequent SDP exchange represents a confirmation that
confirmation that the endpoint is to continue using the current the endpoint is to continue using the current media connection
media connection unchanged, or is a request to make a new media unchanged, or is a request to make a new media connection. The
reconnect attribute, which is charset-independent and can be a
Yon INTERNET-DRAFT - Expires September 2003 6 session-level or a media-level attribute, is used to disambiguate
connection. The reconnect attribute is used to disambiguate these these two scenarios. The following is the ABNF of the reconnect
two scenarios, and the syntax is as follows: attribute:
a=reconnect
SDP containing a=reconnect signals that the specified session does
NOT refer to an existing connection between the two endpoints. If
the endpoints agree to continue the session, the endpoints MUST
close the existing connection for the currently negotiated session,
and MUST create a new connection according to the a=direction
attribute in the SDP. If an endpoint receives SDP that contains
a=reconnect, the endpoint's response MUST also contain a=reconnect.
Endpoints MUST NOT include a=reconnect in SDP that negotiates the
start of a session.
See section 6, "Connection and Listener Lifetime Considerations" for
more information on scenarios that are relevant to the a=reconnect
attribute.
6 Connection and Listener Lifetime Considerations
6.1 Listener Lifetime
An endpoint that has specified direction:both or direction:passive
MUST be ready to accept a connection on the appropriate address and
port during the time slot(s) advertised for that session. The
endpoint MUST keep the address and port available for incoming
connections until either:
a) The time window for the session has expired, or
b) The endpoint has received the expected number of incoming reconnect-attr = "a=reconnect"
connections on that address and port, or
c) Subsequent exchanges have superceded the SDP that originally On reception of an m= line with a reconnect attribute, the endpoints
advertised the availability of the address and port. SHOULD close the existing connection, in case it was still up, and
SHOULD establish a new connection according to the setup attribute in
the m= line.
Once the endpoint has determined that a listener is no longer needed Either the offerer or the answerer can include a reconnect attribute
on a specific address and port, it SHOULD terminate the listener. in an m= line. In any event, if the offer contained this attribute,
The endpoint is then free to re-use the address and port for the answer MUST contain it as well.
subsequent session advertisements.
6.2 Connection Lifetime 6. Connection Lifetime
An endpoint that intends to initiate the connection MUST initiate An endpoint that intends to initiate the connection SHOULD initiate
the connection immediately after it has sufficient information to do the connection immediately after it has sufficient information to do
so, even if it does not intend to immediately begin sending media to so, even if it does not intend to immediately begin sending media to
the remote endpoint. This allows media to flow from the remote the remote endpoint. This allows media to flow from the remote
endpoint. endpoint. An endpoint SHOULD NOT close the connection until the
session has expired, been explicitly terminated, or the media stream
An endpoint MUST NOT close the connection until the session has is redirected to a different address or port.
expired, been explicitly terminated, or the media stream is
redirected to a different address or port.
Yon INTERNET-DRAFT - Expires September 2003 7
If the endpoint determines that the connection has been closed, it If the endpoint determines that the connection has been closed, it
MAY attempt to re-establish the connection. The decision to do so MAY attempt to re-establish the connection. The decision to do so is
is application and/or context dependant. If the endpoint opts to application and context dependant.
re-establish the connection, it MUST NOT assume that the original
address and port advertised by the remote endpoint is still valid.
Instead, the endpoint MUST renegotiate the session parameters by
exchanging new SDP.
6.3 Session Renegotiation and Connection Lifetime 6.1 Session Renegotiation
There are scenarios where SDP is sent by an endpoint in order to There are scenarios where SDP is sent by an endpoint in order to
renegotiate an existing session. These include muting/unmuting a renegotiate an existing session. These include muting/unmuting a
session, renegotiating the attributes of the media used by the session, renegotiating the attributes of the media used by the
session, or extending the length of a session about to expire. session, or extending the length of a session about to expire.
Connection-oriented media introduces some ambiguities into session Connection-oriented media introduces some ambiguities into session
renegotiation as to when the direction attribute must be obeyed and renegotiation as to when the direction attribute must be obeyed and
when it is ignored. when it is ignored.
The scenario of extending the duration of an existing session is a The scenario of extending the duration of an existing session is a
good example: in order to extend an existing session, endpoints will good example: in order to extend an existing session, endpoints will
typically resend the original SDP with updated time information. In typically resend the original SDP with updated time information. In
connectionless media the result is no change to the existing media connectionless media the result is no change to the existing media
streams. The problem with connection oriented media is that the streams. The problem with connection oriented media is that the
original SDP will contain a direction attribute which can be original SDP will contain a setup attribute which can be considered
construed as a request to create a new connection, as opposed to a as a request to create a new connection, as opposed to a request to
request to maintain steady state. To avoid this ambiguity, the maintain steady state. The following rule help avoid this ambiguity:
following rule SHALL apply to subsequent exchanges of SDP:
If the transport section (the c= and m= lines)
combined with the direction attribute of an SDP
message describes an existing connection between two
endpoints, AND the SDP does not contain a=reconnect,
then the endpoints MUST use that connection to carry
the media described in the remainder of the message.
The endpoints MUST NOT attempt to set up a new
connection, regardless of what is specified in the
direction attribute.
This disambiguates most session renegotiation scenarios, with the If the transport section (the c= and m= lines) of an SDP
exception of muting. Muting a media stream is accomplished by description describes an existing connection between two endpoints
sending the original session SDP but with an "a=inactive" or and the m= line does not contain a reconnect attribute, the
"a=sendonly/recvonly" attribute. This is still valid for connection endpoints SHOULD use that connection to carry the media described
oriented media, with the additional caveat that the endpoints MUST in the remainder of the message. The endpoints SHOULD NOT attempt
NOT close the connection described by that SDP. to set up a new connection, regardless of what is specified in the
setup attribute.
Note that if the port number in the m= line changes, there is no
need to use the reconnect attribute because the new port will
trigger the establishment of a new connection anyway.
7 Examples 7. Examples
What follows are a number of examples that show the most common What follows are a number of examples that show the most common usage
usage of the direction attribute combined with TCP-based media of the setup attribute combined with TCP-based media descriptions.
descriptions. For the purpose of brevity, the main portion of the For the purpose of brevity, the main portion of the session
session description is omitted in the examples and is assumed to be description is omitted in the examples and is assumed to be the
the following: following:
Yon INTERNET-DRAFT - Expires September 2003 8
v=0 v=0
o=me 2890844526 2890842807 IN IP4 10.1.1.2 o=me 2890844526 2890842807 IN IP4 10.1.1.2
s=Call me using TCP s=Call me using TCP
t=3034423619 3042462419 t=3034423619 3042462419
7.1 Example: simple passive/active 7.1 Passive/Active
An endpoint at 10.1.1.2 signals the availability of a T.38 fax An offerer at 192.0.2.2 signals its availability for a T.38 fax
session at port 54111: session at port 54111:
c=IN IP4 10.1.1.2 c=IN IP4 192.0.2.2
m=image 54111 TCP t38 m=image 54111 TCP t38
a=direction:passive a=setup:passive
An endpoint at 10.1.1.1 receiving this description responds with the An answerer at 192.0.2.1 receiving this offer responds with the
following: following answer:
c=IN IP4 10.1.1.1 c=IN IP4 192.0.2.1
m=image 9 TCP t38 m=image 9 TCP t38
a=direction:active a=setup:active
The endpoint at 10.1.1.1 then initiates the TCP connection to port The endpoint at 192.0.2.1 then initiates the TCP connection to port
54111 at 10.1.1.2. 54111 at 192.0.2.2.
7.2 Example: simple passive/active with reconnect 7.2 Passive/Active with Reconnect
Continuing the preceding example, consider the scenario where the Continuing the preceding example, consider the scenario where the TCP
TCP connection fails and the endpoints wish to reestablish the connection fails and the endpoints wish to reestablish the connection
connection for the session. The endpoint at 10.1.1.2 signals this for the session. The endpoint at 192.0.2.2 signals this intent with
intent with the following SDP: the following SDP:
c=IN IP4 10.1.1.2 c=IN IP4 192.0.2.2
m=image 54111 TCP t38 m=image 54111 TCP t38
a=direction:passive a=setup:passive
a=reconnect a=reconnect
The a=reconnect attribute informs the endpoint at 10.1.1.1 that this The reconnect attribute informs the endpoint at 192.0.2.1 that this
SDP represents the intent to establish a new connection for media SDP represents the intent to establish a new connection for media
transport, rather than continuing with the original connection. transport, rather than continuing with the original connection.
Because the endpoint at 10.1.1.1 may not yet be aware that the TCP Because the endpoint at 192.0.2.1 may not yet be aware that the TCP
connection has failed, this eliminates any ambiguity. If 10.1.1.1 connection has failed, this eliminates any ambiguity. If 192.0.2.1
agrees to continue the session using a new connection, it responds agrees to continue the session using a new connection, it responds
with: with:
c=IN IP4 10.1.1.1 c=IN IP4 192.0.2.1
m=image 9 TCP t38 m=image 9 TCP t38
a=direction:active IN IP4 a=setup:active IN IP4
a=reconnect a=reconnect
7.3 Example: agnostic both 7.3 Actpass
An endpoint at 10.1.1.2 signals the availability of a T.38 fax
session at TCP port 54111, but is also willing to set up the media
stream by initiating the TCP connection:
Yon INTERNET-DRAFT - Expires September 2003 9
c=IN IP4 10.1.1.2
m=image 54111 TCP t38
a=direction:both
The endpoint at 10.1.1.1 has three choices:
1) It can respond with either of the two direction:active
descriptions listed in the previous example. In this case the
endpoint at 10.1.1.1 must initiate a connection to port 54111
at 10.1.1.2.
2) It can respond with a description similar to the following:
c=IN IP4 10.1.1.1
m=image 54321 TCP t38
a=direction:passive
In this case the endpoint at 10.1.1.2 must initiate a
connection to port 54321 at 10.1.1.1.
3) It can respond with a description that specifies
direction:both, which is covered in the next example.
7.4 Example: redundant both
An endpoint at 10.1.1.2 uses the same description as the previous An offerer at 192.0.2.2 signals its availability for a T.38 fax
example: session at TCP port 54111. Additionally, this offerer is also willing
to set up the media stream by initiating the TCP connection:
c=IN IP4 10.1.1.2 c=IN IP4 192.0.2.2
m=image 54111 TCP t38 m=image 54111 TCP t38
a=direction:both a=setup:actpass
Unlike the previous example, the endpoint at 10.1.1.1 responds with The endpoint at 192.0.2.1 responds with the following description:
the following description:
c=IN IP4 10.1.1.1 c=IN IP4 192.0.2.1
m=image 54321 TCP t38 m=image 54321 TCP t38
a=direction:both a=setup:actpass
This will cause the endpoint at 10.1.1.2 to initiate a connection to
port 54321 at 10.1.1.1, and the endpoint at 10.1.1.1 to initiate a
connection to port 54111 at 10.1.1.2. Whichever TCP connection
succeeds will be used. If both succeed, one of the connections may
be closed as an optimization, using the rules in section 3.3.
In order to minimize the chance that two connections are created,
the endpoint at 10.1.1.1 may opt to use the recommendation in
section 3.4, which would result in events occurring in the following
sequence:
1) The endpoint at 10.1.1.2 sends SDP as listed above. The
endpoint MUST enable a listener on port 54111 at this time,
but is not able to initiate a TCP connection due to the fact
Yon INTERNET-DRAFT - Expires September 2003 10
that it does not have sufficient information from the endpoint
at 10.1.1.1.
2) The endpoint at 10.1.1.1, upon receiving the SDP, immediately
initiates a TCP connection to 10.1.1.2:54111.
3) In order to minimize the chance of a duplicate connection, the This will cause the offerer (at 192.0.2.2) to initiate a connection
endpoint at 10.1.1.1 pauses for a short time to allow the to port 54321 at 192.0.2.1 and the answerer (at 192.0.2.1) to
endpoint at 10.1.1.2 to receive the TCP connection initiation. initiate a connection to port 54111 at 192.0.2.2. Ideally, the
offerer would use 192.0.2.2:5411 as the source of its connection
attempt and the answerer would use 192.0.2.1:54321 as its.
4) After the short pause, the endpoint at 10.1.1.1 sends the SDP 8. Security Considerations
response as listed above.
The pause in #3 gives the first TCP connection attempt a chance to See RFC 2327 [4] for security and other considerations specific to
succeed, since withholding the SDP response deprives the endpoint at the Session Description Protocol in general.
10.1.1.2 of the information it needs to attempt its own TCP
connection.
7.5 Example: "Bidirectional" RTP and RTCP An attacker may attempt to substitute TCP/TLS with only TCP in a
session description. So, it is STRONGLY RECOMMENDED that integrity
protection be applied to the SDP session descriptions. For session
descriptions carried in SIP [10], S/MIME is the natural choice to
provide such end-to-end integrity protection, as described in RFC
3261 [10]. Other applications MAY use a different form of integrity
protection.
An endpoint at 10.1.1.2 is behind a NAT and does not know its own This document touches upon NAT traversal. Implementers should be
public address. aware of some issues that relate to the use of private IP addresses
within the offer/answer model (i.e., they are not specific to this
document).
c=IN IP4 10.1.1.2 When an endpoint receives a session description with a private IP
m=audio 9 RTP/AVP 0 address that belongs to a different address space, in most of the
a=direction:active cases, the endpoint will not be able to reach such an address.
Nevertheless, if this particular address also exists in the
endpoint's address space, the endpoint may end up reaching a
different peer than the one that generated the session description.
It is RECOMMENDED that endpoints authenticate their peer somehow
(e.g., using TLS [3]) or that they encrypt their media.
A peer with a public IP address responds as follows and waits to 9. IANA Considerations
receive RTP and RTCP packets from its active peer.
c=IN IP4 1.2.3.4 This document defines two session and media level SDP attributes:
m=audio 18240 RTP/AVP 0 setup and reconnect. Their formats are defined in Section 4 and
a=direction:passive Section 5 respectively. These two attributes should be registered by
the IANA on http://www.iana.org/assignments/sdp-parameters under
"att-field (both session and media level)".
The endpoint at 10.1.1.2 immediately sends RTP from port 9012 to This document defines two proto values: TCP and TCP/TLS. Their
1.2.3.4 port 18240. A NAT translates the source address to 5.6.7.8 formats are defined in Section 3.1 and Section 3.2 respectively.
port 1542. The passive endpoint receives this RTP packet and stores These two proto values should be registered by the IANA on http://
this source address. When the passive endpoint wants to send RTP www.iana.org/assignments/sdp-parameters under "proto".
media it sends it back to 5.6.7.8 port 1542. The NAT translates this
destination address back to 10.1.1.2 port 9012 and delivers it to
the active endpoint.
Likewise the endpoint at 10.1.1.2 immediately sends RTCP from port 10. Acknowledgements
9013 to 1.2.3.4:18241. The NAT translates this to 5.6.7.8:1984. The
passive endpoint receives the RTCP packet and stores the source
address. The passive endpoint sends its RTCP to 5.6.7.8:1984 which
is translated back to 10.1.1.2:9013 and delivered to the active
endpoint.
8 Security Considerations The authors would like to thank Jonathan Rosenberg, Rohan Mahy,
Anders Kristensen, Joerg Ott, Paul Kyzivat, Robert
Fairlie-Cuninghame, and Colin Perkins for their valuable insights and
contributions.
See [SDP] for security and other considerations specific to the 11. References
Session Description Protocol in general.
Yon INTERNET-DRAFT - Expires September 2003 11 11.1 Normative References
9 IANA Considerations [1] Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
September 1981.
As recommended by [SDP] Appendix B, the direction and reconnect [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
attributes described in this document should be registered with Levels", BCP 14, RFC 2119, March 1997.
IANA, as should the "TCP" and "TLS" protocol identifiers.
Acknowledgements [3] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC
2246, January 1999.
The author would like to thank Jonathan Rosenberg, Rohan Mahy, [4] Handley, M. and V. Jacobson, "SDP: Session Description
Anders Kristensen, Jeorg Ott, Paul Kyzivat, and Robert Fairlie- Protocol", RFC 2327, April 1998.
Cuninghame for their valuable insights and contributions.
Yon INTERNET-DRAFT - Expires September 2003 12 [5] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model with
Session Description Protocol (SDP)", RFC 3264, June 2002.
Appendix A: Direction Attribute Syntax [6] Yergeau, F., "UTF-8, a transformation format of ISO 10646", STD
63, RFC 3629, November 2003.
This appendix provides an Augmented BNF [ABNF] grammar for 11.2 Informational References
expressing the direction attribute for connection setup. It is
intended as an extension to the grammar for the Session Description
Protocol, as defined in [SDP]. Specifically, it describes the
syntax for the new "connection-setup" attribute field, which MAY be
either a session-level or media-level attribute.
connection-setup = "direction" ":" direction-spec [7] Schulzrinne, H., Rao, A. and R. Lanphier, "Real Time Streaming
Protocol (RTSP)", RFC 2326, April 1998.
direction-spec = "both" / "active" / "passive" [8] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol --
HTTP/1.1", RFC 2616, June 1999.
reconnect-attribute = "reconnect" [9] Handley, M., Perkins, C. and E. Whelan, "Session Announcement
Protocol", RFC 2974, October 2000.
References [10] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M. and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002.
[ABNF] D. Crocker, P. Overell, "Augmented BNF for Syntax Authors' Addresses
Specifications: ABNF," RFC 2234, November 1997
[SDP] M. Handley, V. Jacobson, "SDP: Session Description David Yon
Protocol," RFC 2327, April 1998 Dialout.Net, Inc
One Indian Head Plaza
Nashua, NH 03060
USA
[T38] International Telecommunication Union, "Procedures for EMail: yon@dialout.net
Real-Time Group 3 Facsimile Communications over IP
Networks," Recommendation T.38, June 1998
[TLS] T. Dierks, C. Allen, "The TLS Protocol," RFC 2246, Gonzalo Camarillo
January 1999 Ericsson
Hirsalantie 11
Jorvas 02420
Finland
[UTF-8] F. Yergeau, "UTF-8, a transformation format of Unicode EMail: Gonzalo.Camarillo@ericsson.com
and ISO 10646," RFC 2044, October 1996
Author's Address Intellectual Property Statement
David Yon The IETF takes no position regarding the validity or scope of any
Dialout.Net, Inc. Intellectual Property Rights or other rights that might be claimed to
One Indian Head Plaza pertain to the implementation or use of the technology described in
Nashua, NH 03060 this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the IETF's procedures with respect to rights in IETF Documents can
be found in BCP 78 and BCP 79.
Phone: (603) 324-4100 Copies of IPR disclosures made to the IETF Secretariat and any
EMail: yon@dialout.net assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
Full Copyright Statement The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Copyright (C) The Internet Society (2003). All Rights Reserved. Disclaimer of Validity
This document and translations of it may be copied and furnished to This document and the information contained herein are provided on an
others, and derivative works that comment on or otherwise explain it "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
or assist in its implementation may be prepared, copied, published OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
and distributed, in whole or in part, without restriction of any ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
kind, provided that the above copyright notice and this paragraph INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
are included on all such copies and derivative works. However, this INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Yon INTERNET-DRAFT - Expires September 2003 13 Copyright Statement
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be Copyright (C) The Internet Society (2004). This document is subject
revoked by the Internet Society or its successors or assigns. to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
This document and the information contained herein is provided on an Acknowledgment
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
Yon INTERNET-DRAFT - Expires September 2003 14 Funding for the RFC Editor function is currently provided by the
Internet Society.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/