[ RFC Index | RFC Search | Usenet FAQs | Web FAQs | Documents | Cities ]
Alternate Formats: rfc3261.txt | rfc3261.txt.pdf
RFC 3261 - SIP: Session Initiation Protocol
|
 |
RFC3261 - SIP: Session Initiation Protocol
Network Working Group J. Rosenberg
Request for Comments: 3261 dynamicsoft
Obsoletes: 2543 H. Schulzrinne
Category: Standards Track Columbia U.
G. Camarillo
Ericsson
A. Johnston
WorldCom
J. Peterson
Neustar
R. Sparks
dynamicsoft
M. Handley
ICIR
E. Schooler
AT&T
June 2002
SIP: Session Initiation Protocol
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract
This document describes Session Initiation Protocol (SIP), an
application-layer control (signaling) protocol for creating,
modifying, and terminating sessions with one or more participants.
These sessions include Internet telephone calls, multimedia
distribution, and multimedia conferences.
SIP invitations used to create sessions carry session descriptions
that allow participants to agree on a set of compatible media types.
SIP makes use of elements called proxy servers to help route requests
to the user's current location, authenticate and authorize users for
services, implement provider call-routing policies, and provide
features to users. SIP also provides a registration function that
allows users to upload their current locations for use by proxy
servers. SIP runs on top of several different transport protocols.
Table of Contents
1 Introduction ........................................ 8
2 Overview of SIP Functionality ....................... 9
3 Terminology ......................................... 10
4 Overview of Operation ............................... 10
5 Structure of the Protocol ........................... 18
6 Definitions ......................................... 20
7 SIP Messages ........................................ 26
7.1 Requests ............................................ 27
7.2 Responses ........................................... 28
7.3 Header Fields ....................................... 29
7.3.1 Header Field Format ................................. 30
7.3.2 Header Field Classification ......................... 32
7.3.3 Compact Form ........................................ 32
7.4 Bodies .............................................. 33
7.4.1 Message Body Type ................................... 33
7.4.2 Message Body Length ................................. 33
7.5 Framing SIP Messages ................................ 34
8 General User Agent Behavior ......................... 34
8.1 UAC Behavior ........................................ 35
8.1.1 Generating the Request .............................. 35
8.1.1.1 Request-URI ......................................... 35
8.1.1.2 To .................................................. 36
8.1.1.3 From ................................................ 37
8.1.1.4 Call-ID ............................................. 37
8.1.1.5 CSeq ................................................ 38
8.1.1.6 Max-Forwards ........................................ 38
8.1.1.7 Via ................................................. 39
8.1.1.8 Contact ............................................. 40
8.1.1.9 Supported and Require ............................... 40
8.1.1.10 Additional Message Components ....................... 41
8.1.2 Sending the Request ................................. 41
8.1.3 Processing Responses ................................ 42
8.1.3.1 Transaction Layer Errors ............................ 42
8.1.3.2 Unrecognized Responses .............................. 42
8.1.3.3 Vias ................................................ 43
8.1.3.4 Processing 3xx Responses ............................ 43
8.1.3.5 Processing 4xx Responses ............................ 45
8.2 UAS Behavior ........................................ 46
8.2.1 Method Inspection ................................... 46
8.2.2 Header Inspection ................................... 46
8.2.2.1 To and Request-URI .................................. 46
8.2.2.2 Merged Requests ..................................... 47
8.2.2.3 Require ............................................. 47
8.2.3 Content Processing .................................. 48
8.2.4 Applying Extensions ................................. 49
8.2.5 Processing the Request .............................. 49
8.2.6 Generating the Response ............................. 49
8.2.6.1 Sending a Provisional Response ...................... 49
8.2.6.2 Headers and Tags .................................... 50
8.2.7 Stateless UAS Behavior .............................. 50
8.3 Redirect Servers .................................... 51
9 Canceling a Request ................................. 53
9.1 Client Behavior ..................................... 53
9.2 Server Behavior ..................................... 55
10 Registrations ....................................... 56
10.1 Overview ............................................ 56
10.2 Constructing the REGISTER Request ................... 57
10.2.1 Adding Bindings ..................................... 59
10.2.1.1 Setting the Expiration Interval of Contact Addresses 60
10.2.1.2 Preferences among Contact Addresses ................. 61
10.2.2 Removing Bindings ................................... 61
10.2.3 Fetching Bindings ................................... 61
10.2.4 Refreshing Bindings ................................. 61
10.2.5 Setting the Internal Clock .......................... 62
10.2.6 Discovering a Registrar ............................. 62
10.2.7 Transmitting a Request .............................. 62
10.2.8 Error Responses ..................................... 63
10.3 Processing REGISTER Requests ........................ 63
11 Querying for Capabilities ........................... 66
11.1 Construction of OPTIONS Request ..................... 67
11.2 Processing of OPTIONS Request ....................... 68
12 Dialogs ............................................. 69
12.1 Creation of a Dialog ................................ 70
12.1.1 UAS behavior ........................................ 70
12.1.2 UAC Behavior ........................................ 71
12.2 Requests within a Dialog ............................ 72
12.2.1 UAC Behavior ........................................ 73
12.2.1.1 Generating the Request .............................. 73
12.2.1.2 Processing the Responses ............................ 75
12.2.2 UAS Behavior ........................................ 76
12.3 Termination of a Dialog ............................. 77
13 Initiating a Session ................................ 77
13.1 Overview ............................................ 77
13.2 UAC Processing ...................................... 78
13.2.1 Creating the Initial INVITE ......................... 78
13.2.2 Processing INVITE Responses ......................... 81
13.2.2.1 1xx Responses ....................................... 81
13.2.2.2 3xx Responses ....................................... 81
13.2.2.3 4xx, 5xx and 6xx Responses .......................... 81
13.2.2.4 2xx Responses ....................................... 82
13.3 UAS Processing ...................................... 83
13.3.1 Processing of the INVITE ............................ 83
13.3.1.1 Progress ............................................ 84
13.3.1.2 The INVITE is Redirected ............................ 84
13.3.1.3 The INVITE is Rejected .............................. 85
13.3.1.4 The INVITE is Accepted .............................. 85
14 Modifying an Existing Session ....................... 86
14.1 UAC Behavior ........................................ 86
14.2 UAS Behavior ........................................ 88
15 Terminating a Session ............................... 89
15.1 Terminating a Session with a BYE Request ............ 90
15.1.1 UAC Behavior ........................................ 90
15.1.2 UAS Behavior ........................................ 91
16 Proxy Behavior ...................................... 91
16.1 Overview ............................................ 91
16.2 Stateful Proxy ...................................... 92
16.3 Request Validation .................................. 94
16.4 Route Information Preprocessing ..................... 96
16.5 Determining Request Targets ......................... 97
16.6 Request Forwarding .................................. 99
16.7 Response Processing ................................. 107
16.8 Processing Timer C .................................. 114
16.9 Handling Transport Errors ........................... 115
16.10 CANCEL Processing ................................... 115
16.11 Stateless Proxy ..................................... 116
16.12 Summary of Proxy Route Processing ................... 118
16.12.1 Examples ............................................ 118
16.12.1.1 Basic SIP Trapezoid ................................. 118
16.12.1.2 Traversing a Strict-Routing Proxy ................... 120
16.12.1.3 Rewriting Record-Route Header Field Values .......... 121
17 Transactions ........................................ 122
17.1 Client Transaction .................................. 124
17.1.1 INVITE Client Transaction ........................... 125
17.1.1.1 Overview of INVITE Transaction ...................... 125
17.1.1.2 Formal Description .................................. 125
17.1.1.3 Construction of the ACK Request ..................... 129
17.1.2 Non-INVITE Client Transaction ....................... 130
17.1.2.1 Overview of the non-INVITE Transaction .............. 130
17.1.2.2 Formal Description .................................. 131
17.1.3 Matching Responses to Client Transactions ........... 132
17.1.4 Handling Transport Errors ........................... 133
17.2 Server Transaction .................................. 134
17.2.1 INVITE Server Transaction ........................... 134
17.2.2 Non-INVITE Server Transaction ....................... 137
17.2.3 Matching Requests to Server Transactions ............ 138
17.2.4 Handling Transport Errors ........................... 141
18 Transport ........................................... 141
18.1 Clients ............................................. 142
18.1.1 Sending Requests .................................... 142
18.1.2 Receiving Responses ................................. 144
18.2 Servers ............................................. 145
18.2.1 Receiving Requests .................................. 145
18.2.2 Sending Responses ................................... 146
18.3 Framing ............................................. 147
18.4 Error Handling ...................................... 147
19 Common Message Components ........................... 147
19.1 SIP and SIPS Uniform Resource Indicators ............ 148
19.1.1 SIP and SIPS URI Components ......................... 148
19.1.2 Character Escaping Requirements ..................... 152
19.1.3 Example SIP and SIPS URIs ........................... 153
19.1.4 URI Comparison ...................................... 153
19.1.5 Forming Requests from a URI ......................... 156
19.1.6 Relating SIP URIs and tel URLs ...................... 157
19.2 Option Tags ......................................... 158
19.3 Tags ................................................ 159
20 Header Fields ....................................... 159
20.1 Accept .............................................. 161
20.2 Accept-Encoding ..................................... 163
20.3 Accept-Language ..................................... 164
20.4 Alert-Info .......................................... 164
20.5 Allow ............................................... 165
20.6 Authentication-Info ................................. 165
20.7 Authorization ....................................... 165
20.8 Call-ID ............................................. 166
20.9 Call-Info ........................................... 166
20.10 Contact ............................................. 167
20.11 Content-Disposition ................................. 168
20.12 Content-Encoding .................................... 169
20.13 Content-Language .................................... 169
20.14 Content-Length ...................................... 169
20.15 Content-Type ........................................ 170
20.16 CSeq ................................................ 170
20.17 Date ................................................ 170
20.18 Error-Info .......................................... 171
20.19 Expires ............................................. 171
20.20 From ................................................ 172
20.21 In-Reply-To ......................................... 172
20.22 Max-Forwards ........................................ 173
20.23 Min-Expires ......................................... 173
20.24 MIME-Version ........................................ 173
20.25 Organization ........................................ 174
20.26 Priority ............................................ 174
20.27 Proxy-Authenticate .................................. 174
20.28 Proxy-Authorization ................................. 175
20.29 Proxy-Require ....................................... 175
20.30 Record-Route ........................................ 175
20.31 Reply-To ............................................ 176
20.32 Require ............................................. 176
20.33 Retry-After ......................................... 176
20.34 Route ............................................... 177
20.35 Server .............................................. 177
20.36 Subject ............................................. 177
20.37 Supported ........................................... 178
20.38 Timestamp ........................................... 178
20.39 To .................................................. 178
20.40 Unsupported ......................................... 179
20.41 User-Agent .......................................... 179
20.42 Via ................................................. 179
20.43 Warning ............................................. 180
20.44 WWW-Authenticate .................................... 182
21 Response Codes ...................................... 182
21.1 Provisional 1xx ..................................... 182
21.1.1 100 Trying .......................................... 183
21.1.2 180 Ringing ......................................... 183
21.1.3 181 Call Is Being Forwarded ......................... 183
21.1.4 182 Queued .......................................... 183
21.1.5 183 Session Progress ................................ 183
21.2 Successful 2xx ...................................... 183
21.2.1 200 OK .............................................. 183
21.3 Redirection 3xx ..................................... 184
21.3.1 300 Multiple Choices ................................ 184
21.3.2 301 Moved Permanently ............................... 184
21.3.3 302 Moved Temporarily ............................... 184
21.3.4 305 Use Proxy ....................................... 185
21.3.5 380 Alternative Service ............................. 185
21.4 Request Failure 4xx ................................. 185
21.4.1 400 Bad Request ..................................... 185
21.4.2 401 Unauthorized .................................... 185
21.4.3 402 Payment Required ................................ 186
21.4.4 403 Forbidden ....................................... 186
21.4.5 404 Not Found ....................................... 186
21.4.6 405 Method Not Allowed .............................. 186
21.4.7 406 Not Acceptable .................................. 186
21.4.8 407 Proxy Authentication Required ................... 186
21.4.9 408 Request Timeout ................................. 186
21.4.10 410 Gone ............................................ 187
21.4.11 413 Request Entity Too Large ........................ 187
21.4.12 414 Request-URI Too Long ............................ 187
21.4.13 415 Unsupported Media Type .......................... 187
21.4.14 416 Unsupported URI Scheme .......................... 187
21.4.15 420 Bad Extension ................................... 187
21.4.16 421 Extension Required .............................. 188
21.4.17 423 Interval Too Brief .............................. 188
21.4.18 480 Temporarily Unavailable ......................... 188
21.4.19 481 Call/Transaction Does Not Exist ................. 188
21.4.20 482 Loop Detected ................................... 188
21.4.21 483 Too Many Hops ................................... 189
21.4.22 484 Address Incomplete .............................. 189
21.4.23 485 Ambiguous ....................................... 189
21.4.24 486 Busy Here ....................................... 189
21.4.25 487 Request Terminated .............................. 190
21.4.26 488 Not Acceptable Here ............................. 190
21.4.27 491 Request Pending ................................. 190
21.4.28 493 Undecipherable .................................. 190
21.5 Server Failure 5xx .................................. 190
21.5.1 500 Server Internal Error ........................... 190
21.5.2 501 Not Implemented ................................. 191
21.5.3 502 Bad Gateway ..................................... 191
21.5.4 503 Service Unavailable ............................. 191
21.5.5 504 Server Time-out ................................. 191
21.5.6 505 Version Not Supported ........................... 192
21.5.7 513 Message Too Large ............................... 192
21.6 Global Failures 6xx ................................. 192
21.6.1 600 Busy Everywhere ................................. 192
21.6.2 603 Decline ......................................... 192
21.6.3 604 Does Not Exist Anywhere ......................... 192
21.6.4 606 Not Acceptable .................................. 192
22 Usage of HTTP Authentication ........................ 193
22.1 Framework ........................................... 193
22.2 User-to-User Authentication ......................... 195
22.3 Proxy-to-User Authentication ........................ 197
22.4 The Digest Authentication Scheme .................... 199
23 S/MIME .............................................. 201
23.1 S/MIME Certificates ................................. 201
23.2 S/MIME Key Exchange ................................. 202
23.3 Securing MIME bodies ................................ 205
23.4 SIP Header Privacy and Integrity using S/MIME:
Tunneling SIP ....................................... 207
23.4.1 Integrity and Confidentiality Properties of SIP
Headers ............................................. 207
23.4.1.1 Integrity ........................................... 207
23.4.1.2 Confidentiality ..................................... 208
23.4.2 Tunneling Integrity and Authentication .............. 209
23.4.3 Tunneling Encryption ................................ 211
24 Examples ............................................ 213
24.1 Registration ........................................ 213
24.2 Session Setup ....................................... 214
25 Augmented BNF for the SIP Protocol .................. 219
25.1 Basic Rules ......................................... 219
26 Security Considerations: Threat Model and Security
Usage Recommendations ............................... 232
26.1 Attacks and Threat Models ........................... 233
26.1.1 Registration Hijacking .............................. 233
26.1.2 Impersonating a Server .............................. 234
26.1.3 Tampering with Message Bodies ....................... 235
26.1.4 Tearing Down Sessions ............................... 235
26.1.5 Denial of Service and Amplification ................. 236
26.2 Security Mechanisms ................................. 237
26.2.1 Transport and Network Layer Security ................ 238
26.2.2 SIPS URI Scheme ..................................... 239
26.2.3 HTTP Authentication ................................. 240
26.2.4 S/MIME .............................................. 240
26.3 Implementing Security Mechanisms .................... 241
26.3.1 Requirements for Implementers of SIP ................ 241
26.3.2 Security Solutions .................................. 242
26.3.2.1 Registration ........................................ 242
26.3.2.2 Interdomain Requests ................................ 243
26.3.2.3 Peer-to-Peer Requests ............................... 245
26.3.2.4 DoS Protection ...................................... 246
26.4 Limitations ......................................... 247
26.4.1 HTTP Digest ......................................... 247
26.4.2 S/MIME .............................................. 248
26.4.3 TLS ................................................. 249
26.4.4 SIPS URIs ........................................... 249
26.5 Privacy ............................................. 251
27 IANA Considerations ................................. 252
27.1 Option Tags ......................................... 252
27.2 Warn-Codes .......................................... 252
27.3 Header Field Names .................................. 253
27.4 Method and Response Codes ........................... 253
27.5 The "message/sip" MIME type. ....................... 254
27.6 New Content-Disposition Parameter Registrations ..... 255
28 Changes From RFC 2543 ............................... 255
28.1 Major Functional Changes ............................ 255
28.2 Minor Functional Changes ............................ 260
29 Normative References ................................ 261
30 Informative References .............................. 262
A Table of Timer Values ............................... 265
Acknowledgments ................................................ 266
Authors' Addresses ............................................. 267
Full Copyright Statement ....................................... 269
1 Introduction
There are many applications of the Internet that require the creation
and management of a session, where a session is considered an
exchange of data between an association of participants. The
implementation of these applications is complicated by the practices
of participants: users may move between endpoints, they may be
addressable by multiple names, and they may communicate in several
different media - sometimes simultaneously. Numerous protocols have
been authored that carry various forms of real-time multimedia
session data such as voice, video, or text messages. The Session
Initiation Protocol (SIP) works in concert with these protocols by
enabling Internet endpoints (called user agents) to discover one
another and to agree on a characterization of a session they would
like to share. For locating prospective session participants, and
for other functions, SIP enables the creation of an infrastructure of
network hosts (called proxy servers) to which user agents can send
registrations, invitations to sessions, and other requests. SIP is
an agile, general-purpose tool for creating, modifying, and
terminating sessions that works independently of underlying transport
protocols and without dependency on the type of session that is being
established.
2 Overview of SIP Functionality
SIP is an application-layer control protocol that can establish,
modify, and terminate multimedia sessions (conferences) such as
Internet telephony calls. SIP can also invite participants to
already existing sessions, such as multicast conferences. Media can
be added to (and removed from) an existing session. SIP
transparently supports name mapping and redirection services, which
supports personal mobility [27] - users can maintain a single
externally visible identifier regardless of their network location.
SIP supports five facets of establishing and terminating multimedia
communications:
User location: determination of the end system to be used for
communication;
User availability: determination of the willingness of the called
party to engage in communications;
User capabilities: determination of the media and media parameters
to be used;
Session setup: "ringing", establishment of session parameters at
both called and calling party;
Session management: including transfer and termination of
sessions, modifying session parameters, and invoking
services.
SIP is not a vertically integrated communications system. SIP is
rather a component that can be used with other IETF protocols to
build a complete multimedia architecture. Typically, these
architectures will include protocols such as the Real-time Transport
Protocol (RTP) (RFC 1889 [28]) for transporting real-time data and
providing QoS feedback, the Real-Time streaming protocol (RTSP) (RFC
2326 [29]) for controlling delivery of streaming media, the Media
Gateway Control Protocol (MEGACO) (RFC 3015 [30]) for controlling
gateways to the Public Switched Telephone Network (PSTN), and the
Session Description Protocol (SDP) (RFC 2327 [1]) for describing
multimedia sessions. Therefore, SIP should be used in conjunction
with other protocols in order to provide complete services to the
users. However, the basic functionality and operation of SIP does
not depend on any of these protocols.
SIP does not provide services. Rather, SIP provides primitives that
can be used to implement different services. For example, SIP can
locate a user and deliver an opaque object to his current location.
If this primitive is used to deliver a session description written in
SDP, for instance, the endpoints can agree on the parameters of a
session. If the same primitive is used to deliver a photo of the
caller as well as the session description, a "caller ID" service can
be easily implemented. As this example shows, a single primitive is
typically used to provide several different services.
SIP does not offer conference control services such as floor control
or voting and does not prescribe how a conference is to be managed.
SIP can be used to initiate a session that uses some other conference
control protocol. Since SIP messages and the sessions they establish
can pass through entirely different networks, SIP cannot, and does
not, provide any kind of network resource reservation capabilities.
The nature of the services provided make security particularly
important. To that end, SIP provides a suite of security services,
which include denial-of-service prevention, authentication (both user
to user and proxy to user), integrity protection, and encryption and
privacy services.
SIP works with both IPv4 and IPv6.
3 Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
described in BCP 14, RFC 2119 [2] and indicate requirement levels for
compliant SIP implementations.
4 Overview of Operation
This section introduces the basic operations of SIP using simple
examples. This section is tutorial in nature and does not contain
any normative statements.
The first example shows the basic functions of SIP: location of an
end point, signal of a desire to communicate, negotiation of session
parameters to establish the session, and teardown of the session once
established.
Figure 1 shows a typical example of a SIP message exchange between
two users, Alice and Bob. (Each message is labeled with the letter
"F" and a number for reference by the text.) In this example, Alice
uses a SIP application on her PC (referred to as a softphone) to call
Bob on his SIP phone over the Internet. Also shown are two SIP proxy
servers that act on behalf of Alice and Bob to facilitate the session
establishment. This typical arrangement is often referred to as the
"SIP trapezoid" as shown by the geometric shape of the dotted lines
in Figure 1.
Alice "calls" Bob using his SIP identity, a type of Uniform Resource
Identifier (URI) called a SIP URI. SIP URIs are defined in Section
19.1. It has a similar form to an email address, typically
containing a username and a host name. In this case, it is
sip:bob@biloxi.com, where biloxi.com is the domain of Bob's SIP
service provider. Alice has a SIP URI of sip:alice@atlanta.com.
Alice might have typed in Bob's URI or perhaps clicked on a hyperlink
or an entry in an address book. SIP also provides a secure URI,
called a SIPS URI. An example would be sips:bob@biloxi.com. A call
made to a SIPS URI guarantees that secure, encrypted transport
(namely TLS) is used to carry all SIP messages from the caller to the
domain of the callee. From there, the request is sent securely to
the callee, but with security mechanisms that depend on the policy of
the domain of the callee.
SIP is based on an HTTP-like request/response transaction model.
Each transaction consists of a request that invokes a particular
method, or function, on the server and at least one response. In
this example, the transaction begins with Alice's softphone sending
an INVITE request addressed to Bob's SIP URI. INVITE is an example
of a SIP method that specifies the action that the requestor (Alice)
wants the server (Bob) to take. The INVITE request contains a number
of header fields. Header fields are named attributes that provide
additional information about a message. The ones present in an
INVITE include a unique identifier for the call, the destination
address, Alice's address, and information about the type of session
that Alice wishes to establish with Bob. The INVITE (message F1 in
Figure 1) might look like this:
atlanta.com . . . biloxi.com
. proxy proxy .
. .
Alice's . . . . . . . . . . . . . . . . . . . . Bob's
softphone SIP Phone
| | | |
| INVITE F1 | | |
|--------------->| INVITE F2 | |
| 100 Trying F3 |--------------->| INVITE F4 |
|<---------------| 100 Trying F5 |--------------->|
| |<-------------- | 180 Ringing F6 |
| | 180 Ringing F7 |<---------------|
| 180 Ringing F8 |<---------------| 200 OK F9 |
|<---------------| 200 OK F10 |<---------------|
| 200 OK F11 |<---------------| |
|<---------------| | |
| ACK F12 |
|------------------------------------------------->|
| Media Session |
|<================================================>|
| BYE F13 |
|<-------------------------------------------------|
| 200 OK F14 |
|------------------------------------------------->|
| |
Figure 1: SIP session setup example with SIP trapezoid
INVITE sip:bob@biloxi.com SIP/2.0
Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bK776asdhds
Max-Forwards: 70
To: Bob <sip:bob@biloxi.com>
From: Alice <sip:alice@atlanta.com>;tag=1928301774
Call-ID: a84b4c76e66710@pc33.atlanta.com
CSeq: 314159 INVITE
Contact: <sip:alice@pc33.atlanta.com>
Content-Type: application/sdp
Content-Length: 142
(Alice's SDP not shown)
The first line of the text-encoded message contains the method name
(INVITE). The lines that follow are a list of header fields. This
example contains a minimum required set. The header fields are
briefly described below:
Via contains the address (pc33.atlanta.com) at which Alice is
expecting to receive responses to this request. It also contains a
branch parameter that identifies this transaction.
To contains a display name (Bob) and a SIP or SIPS URI
(sip:bob@biloxi.com) towards which the request was originally
directed. Display names are described in RFC 2822 [3].
From also contains a display name (Alice) and a SIP or SIPS URI
(sip:alice@atlanta.com) that indicate the originator of the request.
This header field also has a tag parameter containing a random string
(1928301774) that was added to the URI by the softphone. It is used
for identification purposes.
Call-ID contains a globally unique identifier for this call,
generated by the combination of a random string and the softphone's
host name or IP address. The combination of the To tag, From tag,
and Call-ID completely defines a peer-to-peer SIP relationship
between Alice and Bob and is referred to as a dialog.
CSeq or Command Sequence contains an integer and a method name. The
CSeq number is incremented for each new request within a dialog and
is a traditional sequence number.
Contact contains a SIP or SIPS URI that represents a direct route to
contact Alice, usually composed of a username at a fully qualified
domain name (FQDN). While an FQDN is preferred, many end systems do
not have registered domain names, so IP addresses are permitted.
While the Via header field tells other elements where to send the
response, the Contact header field tells other elements where to send
future requests.
Max-Forwards serves to limit the number of hops a request can make on
the way to its destination. It consists of an integer that is
decremented by one at each hop.
Content-Type contains a description of the message body (not shown).
Content-Length contains an octet (byte) count of the message body.
The complete set of SIP header fields is defined in Section 20.
The details of the session, such as the type of media, codec, or
sampling rate, are not described using SIP. Rather, the body of a
SIP message contains a description of the session, encoded in some
other protocol format. One such format is the Session Description
Protocol (SDP) (RFC 2327 [1]). This SDP message (not shown in the
example) is carried by the SIP message in a way that is analogous to
a document attachment being carried by an email message, or a web
page being carried in an HTTP message.
Since the softphone does not know the location of Bob or the SIP
server in the biloxi.com domain, the softphone sends the INVITE to
the SIP server that serves Alice's domain, atlanta.com. The address
of the atlanta.com SIP server could have been configured in Alice's
softphone, or it could have been discovered by DHCP, for example.
The atlanta.com SIP server is a type of SIP server known as a proxy
server. A proxy server receives SIP requests and forwards them on
behalf of the requestor. In this example, the proxy server receives
the INVITE request and sends a 100 (Trying) response back to Alice's
softphone. The 100 (Trying) response indicates that the INVITE has
been received and that the proxy is working on her behalf to route
the INVITE to the destination. Responses in SIP use a three-digit
code followed by a descriptive phrase. This response contains the
same To, From, Call-ID, CSeq and branch parameter in the Via as the
INVITE, which allows Alice's softphone to correlate this response to
the sent INVITE. The atlanta.com proxy server locates the proxy
server at biloxi.com, possibly by performing a particular type of DNS
(Domain Name Service) lookup to find the SIP server that serves the
biloxi.com domain. This is described in [4]. As a result, it
obtains the IP address of the biloxi.com proxy server and forwards,
or proxies, the INVITE request there. Before forwarding the request,
the atlanta.com proxy server adds an additional Via header field
value that contains its own address (the INVITE already contains
Alice's address in the first Via). The biloxi.com proxy server
receives the INVITE and responds with a 100 (Trying) response back to
the atlanta.com proxy server to indicate that it has received the
INVITE and is processing the request. The proxy server consults a
database, generically called a location service, that contains the
current IP address of Bob. (We shall see in the next section how
this database can be populated.) The biloxi.com proxy server adds
another Via header field value with its own address to the INVITE and
proxies it to Bob's SIP phone.
Bob's SIP phone receives the INVITE and alerts Bob to the incoming
call from Alice so that Bob can decide whether to answer the call,
that is, Bob's phone rings. Bob's SIP phone indicates this in a 180
(Ringing) response, which is routed back through the two proxies in
the reverse direction. Each proxy uses the Via header field to
determine where to send the response and removes its own address from
the top. As a result, although DNS and location service lookups were
required to route the initial INVITE, the 180 (Ringing) response can
be returned to the caller without lookups or without state being
maintained in the proxies. This also has the desirable property that
each proxy that sees the INVITE will also see all responses to the
INVITE.
When Alice's softphone receives the 180 (Ringing) response, it passes
this information to Alice, perhaps using an audio ringback tone or by
displaying a message on Alice's screen.
In this example, Bob decides to answer the call. When he picks up
the handset, his SIP phone sends a 200 (OK) response to indicate that
the call has been answered. The 200 (OK) contains a message body
with the SDP media description of the type of session that Bob is
willing to establish with Alice. As a result, there is a two-phase
exchange of SDP messages: Alice sent one to Bob, and Bob sent one
back to Alice. This two-phase exchange provides basic negotiation
capabilities and is based on a simple offer/answer model of SDP
exchange. If Bob did not wish to answer the call or was busy on
another call, an error response would have been sent instead of the
200 (OK), which would have resulted in no media session being
established. The complete list of SIP response codes is in Section
21. The 200 (OK) (message F9 in Figure 1) might look like this as
Bob sends it out:
SIP/2.0 200 OK
Via: SIP/2.0/UDP server10.biloxi.com
;branch=z9hG4bKnashds8;received=192.0.2.3
Via: SIP/2.0/UDP bigbox3.site3.atlanta.com
;branch=z9hG4bK77ef4c2312983.1;received=192.0.2.2
Via: SIP/2.0/UDP pc33.atlanta.com
;branch=z9hG4bK776asdhds ;received=192.0.2.1
To: Bob <sip:bob@biloxi.com>;tag=a6c85cf
From: Alice <sip:alice@atlanta.com>;tag=1928301774
Call-ID: a84b4c76e66710@pc33.atlanta.com
CSeq: 314159 INVITE
Contact: <sip:bob@192.0.2.4>
Content-Type: application/sdp
Content-Length: 131
(Bob's SDP not shown)
The first line of the response contains the response code (200) and
the reason phrase (OK). The remaining lines contain header fields.
The Via, To, From, Call-ID, and CSeq header fields are copied from
the INVITE request. (There are three Via header field values - one
added by Alice's SIP phone, one added by the atlanta.com proxy, and
one added by the biloxi.com proxy.) Bob's SIP phone has added a tag
parameter to the To header field. This tag will be incorporated by
both endpoints into the dialog and will be included in all future
requests and responses in this call. The Contact header field
contains a URI at which Bob can be directly reached at his SIP phone.
The Content-Type and Content-Length refer to the message body (not
shown) that contains Bob's SDP media information.
In addition to DNS and location service lookups shown in this
example, proxy servers can make flexible "routing decisions" to
decide where to send a request. For example, if Bob's SIP phone
returned a 486 (Busy Here) response, the biloxi.com proxy server
could proxy the INVITE to Bob's voicemail server. A proxy server can
also send an INVITE to a number of locations at the same time. This
type of parallel search is known as forking.
In this case, the 200 (OK) is routed back through the two proxies and
is received by Alice's softphone, which then stops the ringback tone
and indicates that the call has been answered. Finally, Alice's
softphone sends an acknowledgement message, ACK, to Bob's SIP phone
to confirm the reception of the final response (200 (OK)). In this
example, the ACK is sent directly from Alice's softphone to Bob's SIP
phone, bypassing the two proxies. This occurs because the endpoints
have learned each other's address from the Contact header fields
through the INVITE/200 (OK) exchange, which was not known when the
initial INVITE was sent. The lookups performed by the two proxies
are no longer needed, so the proxies drop out of the call flow. This
completes the INVITE/200/ACK three-way handshake used to establish
SIP sessions. Full details on session setup are in Section 13.
Alice and Bob's media session has now begun, and they send media
packets using the format to which they agreed in the exchange of SDP.
In general, the end-to-end media packets take a different path from
the SIP signaling messages.
During the session, either Alice or Bob may decide to change the
characteristics of the media session. This is accomplished by
sending a re-INVITE containing a new media description. This re-
INVITE references the existing dialog so that the other party knows
that it is to modify an existing session instead of establishing a
new session. The other party sends a 200 (OK) to accept the change.
The requestor responds to the 200 (OK) with an ACK. If the other
party does not accept the change, he sends an error response such as
488 (Not Acceptable Here), which also receives an ACK. However, the
failure of the re-INVITE does not cause the existing call to fail -
the session continues using the previously negotiated
characteristics. Full details on session modification are in Section
14.
At the end of the call, Bob disconnects (hangs up) first and
generates a BYE message. This BYE is routed directly to Alice's
softphone, again bypassing the proxies. Alice confirms receipt of
the BYE with a 200 (OK) response, which terminates the session and
the BYE transaction. No ACK is sent - an ACK is only sent in
response to a response to an INVITE request. The reasons for this
special handling for INVITE will be discussed later, but relate to
the reliability mechanisms in SIP, the length of time it can take for
a ringing phone to be answered, and forking. For this reason,
request handling in SIP is often classified as either INVITE or non-
INVITE, referring to all other methods besides INVITE. Full details
on session termination are in Section 15.
Section 24.2 describes the messages shown in Figure 1 in full.
In some cases, it may be useful for proxies in the SIP signaling path
to see all the messaging between the endpoints for the duration of
the session. For example, if the biloxi.com proxy server wished to
remain in the SIP messaging path beyond the initial INVITE, it would
add to the INVITE a required routing header field known as Record-
Route that contained a URI resolving to the hostname or IP address of
the proxy. This information would be received by both Bob's SIP
phone and (due to the Record-Route header field being passed back in
the 200 (OK)) Alice's softphone and stored for the duration of the
dialog. The biloxi.com proxy server would then receive and proxy the
ACK, BYE, and 200 (OK) to the BYE. Each proxy can independently
decide to receive subsequent messages, and those messages will pass
through all proxies that elect to receive it. This capability is
frequently used for proxies that are providing mid-call features.
Registration is another common operation in SIP. Registration is one
way that the biloxi.com server can learn the current location of Bob.
Upon initialization, and at periodic intervals, Bob's SIP phone sends
REGISTER messages to a server in the biloxi.com domain known as a SIP
registrar. The REGISTER messages associate Bob's SIP or SIPS URI
(sip:bob@biloxi.com) with the machine into which he is currently
logged (conveyed as a SIP or SIPS URI in the Contact header field).
The registrar writes this association, also called a binding, to a
database, called the location service, where it can be used by the
proxy in the biloxi.com domain. Often, a registrar server for a
domain is co-located with the proxy for that domain. It is an
important concept that the distinction between types of SIP servers
is logical, not physical.
Bob is not limited to registering from a single device. For example,
both his SIP phone at home and the one in the office could send
registrations. This information is stored together in the location
service and allows a proxy to perform various types of searches to
locate Bob. Similarly, more than one user can be registered on a
single device at the same time.
The location service is just an abstract concept. It generally
contains information that allows a proxy to input a URI and receive a
set of zero or more URIs that tell the proxy where to send the
request. Registrations are one way to create this information, but
not the only way. Arbitrary mapping functions can be configured at
the discretion of the administrator.
Finally, it is important to note that in SIP, registration is used
for routing incoming SIP requests and has no role in authorizing
outgoing requests. Authorization and authentication are handled in
SIP either on a request-by-request basis with a challenge/response
mechanism, or by using a lower layer scheme as discussed in Section
26.
The complete set of SIP message details for this registration example
is in Section 24.1.
Additional operations in SIP, such as querying for the capabilities
of a SIP server or client using OPTIONS, or canceling a pending
request using CANCEL, will be introduced in later sections.
5 Structure of the Protocol
SIP is structured as a layered protocol, which means that its
behavior is described in terms of a set of fairly independent
processing stages with only a loose coupling between each stage. The
protocol behavior is described as layers for the purpose of
presentation, allowing the description of functions common across
elements in a single section. It does not dictate an implementation
in any way. When we say that an element "contains" a layer, we mean
it is compliant to the set of rules defined by that layer.
Not every element specified by the protocol contains every layer.
Furthermore, the elements specified by SIP are logical elements, not
physical ones. A physical realization can choose to act as different
logical elements, perhaps even on a transaction-by-transaction basis.
The lowest layer of SIP is its syntax and encoding. Its encoding is
specified using an augmented Backus-Naur Form grammar (BNF). The
complete BNF is specified in Section 25; an overview of a SIP
message's structure can be found in Section 7.
The second layer is the transport layer. It defines how a client
sends requests and receives responses and how a server receives
requests and sends responses over the network. All SIP elements
contain a transport layer. The transport layer is described in
Section 18.
The third layer is the transaction layer. Transactions are a
fundamental component of SIP. A transaction is a request sent by a
client transaction (using the transport layer) to a server
transaction, along with all responses to that request sent from the
server transaction back to the client. The transaction layer handles
application-layer retransmissions, matching of responses to requests,
and application-layer timeouts. Any task that a user agent client
(UAC) accomplishes takes place using a series of transactions.
Discussion of transactions can be found in Section 17. User agents
contain a transaction layer, as do stateful proxies. Stateless
proxies do not contain a transaction layer. The transaction layer
has a client component (referred to as a client transaction) and a
server component (referred to as a server transaction), each of which
are represented by a finite state machine that is constructed to
process a particular request.
The layer above the transaction layer is called the transaction user
(TU). Each of the SIP entities, except the stateless proxy, is a
transaction user. When a TU wishes to send a request, it creates a
client transaction instance and passes it the request along with the
destination IP address, port, and transport to which to send the
request. A TU that creates a client transaction can also cancel it.
When a client cancels a transaction, it requests that the server stop
further processing, revert to the state that existed before the
transaction was initiated, and generate a specific error response to
that transaction. This is done with a CANCEL request, which
constitutes its own transaction, but references the transaction to be
cancelled (Section 9).
The SIP elements, that is, user agent clients and servers, stateless
and stateful proxies and registrars, contain a core that
distinguishes them from each other. Cores, except for the stateless
proxy, are transaction users. While the behavior of the UAC and UAS
cores depends on the method, there are some common rules for all
methods (Section 8). For a UAC, these rules govern the construction
of a request; for a UAS, they govern the processing of a request and
generating a response. Since registrations play an important role in
SIP, a UAS that handles a REGISTER is given the special name
registrar. Section 10 describes UAC and UAS core behavior for the
REGISTER method. Section 11 describes UAC and UAS core behavior for
the OPTIONS method, used for determining the capabilities of a UA.
Certain other requests are sent within a dialog. A dialog is a
peer-to-peer SIP relationship between two user agents that persists
for some time. The dialog facilitates sequencing of messages and
proper routing of requests between the user agents. The INVITE
method is the only way defined in this specification to establish a
dialog. When a UAC sends a request that is within the context of a
dialog, it follows the common UAC rules as discussed in Section 8 but
also the rules for mid-dialog requests. Section 12 discusses dialogs
and presents the procedures for their construction and maintenance,
in addition to construction of requests within a dialog.
The most important method in SIP is the INVITE method, which is used
to establish a session between participants. A session is a
collection of participants, and streams of media between them, for
the purposes of communication. Section 13 discusses how sessions are
initiated, resulting in one or more SIP dialogs. Section 14
discusses how characteristics of that session are modified through
the use of an INVITE request within a dialog. Finally, section 15
discusses how a session is terminated.
The procedures of Sections 8, 10, 11, 12, 13, 14, and 15 deal
entirely with the UA core (Section 9 describes cancellation, which
applies to both UA core and proxy core). Section 16 discusses the
proxy element, which facilitates routing of messages between user
agents.
6 Definitions
The following terms have special significance for SIP.
Address-of-Record: An address-of-record (AOR) is a SIP or SIPS URI
that points to a domain with a location service that can map
the URI to another URI where the user might be available.
Typically, the location service is populated through
registrations. An AOR is frequently thought of as the "public
address" of the user.
Back-to-Back User Agent: A back-to-back user agent (B2BUA) is a
logical entity that receives a request and processes it as a
user agent server (UAS). In order to determine how the request
should be answered, it acts as a user agent client (UAC) and
generates requests. Unlike a proxy server, it maintains dialog
state and must participate in all requests sent on the dialogs
it has established. Since it is a concatenation of a UAC and
UAS, no explicit definitions are needed for its behavior.
Call: A call is an informal term that refers to some communication
between peers, generally set up for the purposes of a
multimedia conversation.
Call Leg: Another name for a dialog [31]; no longer used in this
specification.
Call Stateful: A proxy is call stateful if it retains state for a
dialog from the initiating INVITE to the terminating BYE
request. A call stateful proxy is always transaction stateful,
but the converse is not necessarily true.
Client: A client is any network element that sends SIP requests
and receives SIP responses. Clients may or may not interact
directly with a human user. User agent clients and proxies are
clients.
Conference: A multimedia session (see below) that contains
multiple participants.
Core: Core designates the functions specific to a particular type
of SIP entity, i.e., specific to either a stateful or stateless
proxy, a user agent or registrar. All cores, except those for
the stateless proxy, are transaction users.
Dialog: A dialog is a peer-to-peer SIP relationship between two
UAs that persists for some time. A dialog is established by
SIP messages, such as a 2xx response to an INVITE request. A
dialog is identified by a call identifier, local tag, and a
remote tag. A dialog was formerly known as a call leg in RFC
2543.
Downstream: A direction of message forwarding within a transaction
that refers to the direction that requests flow from the user
agent client to user agent server.
Final Response: A response that terminates a SIP transaction, as
opposed to a provisional response that does not. All 2xx, 3xx,
4xx, 5xx and 6xx responses are final.
Header: A header is a component of a SIP message that conveys
information about the message. It is structured as a sequence
of header fields.
Header Field: A header field is a component of the SIP message
header. A header field can appear as one or more header field
rows. Header field rows consist of a header field name and zero
or more header field values. Multiple header field values on a
given header field row are separated by commas. Some header
fields can only have a single header field value, and as a
result, always appear as a single header field row.
Header Field Value: A header field value is a single value; a
header field consists of zero or more header field values.
Home Domain: The domain providing service to a SIP user.
Typically, this is the domain present in the URI in the
address-of-record of a registration.
Informational Response: Same as a provisional response.
Initiator, Calling Party, Caller: The party initiating a session
(and dialog) with an INVITE request. A caller retains this
role from the time it sends the initial INVITE that established
a dialog until the termination of that dialog.
Invitation: An INVITE request.
Invitee, Invited User, Called Party, Callee: The party that
receives an INVITE request for the purpose of establishing a
new session. A callee retains this role from the time it
receives the INVITE until the termination of the dialog
established by that INVITE.
Location Service: A location service is used by a SIP redirect or
proxy server to obtain information about a callee's possible
location(s). It contains a list of bindings of address-of-
record keys to zero or more contact addresses. The bindings
can be created and removed in many ways; this specification
defines a REGISTER method that updates the bindings.
Loop: A request that arrives at a proxy, is forwarded, and later
arrives back at the same proxy. When it arrives the second
time, its Request-URI is identical to the first time, and other
header fields that affect proxy operation are unchanged, so
that the proxy would make the same processing decision on the
request it made the first time. Looped requests are errors,
and the procedures for detecting them and handling them are
described by the protocol.
Loose Routing: A proxy is said to be loose routing if it follows
the procedures defined in this specification for processing of
the Route header field. These procedures separate the
destination of the request (present in the Request-URI) from
the set of proxies that need to be visited along the way
(present in the Route header field). A proxy compliant to
these mechanisms is also known as a loose router.
Message: Data sent between SIP elements as part of the protocol.
SIP messages are either requests or responses.
Method: The method is the primary function that a request is meant
to invoke on a server. The method is carried in the request
message itself. Example methods are INVITE and BYE.
Outbound Proxy: A proxy that receives requests from a client, even
though it may not be the server resolved by the Request-URI.
Typically, a UA is manually configured with an outbound proxy,
or can learn about one through auto-configuration protocols.
Parallel Search: In a parallel search, a proxy issues several
requests to possible user locations upon receiving an incoming
request. Rather than issuing one request and then waiting for
the final response before issuing the next request as in a
sequential search, a parallel search issues requests without
waiting for the result of previous requests.
Provisional Response: A response used by the server to indicate
progress, but that does not terminate a SIP transaction. 1xx
responses are provisional, other responses are considered
final.
Proxy, Proxy Server: An intermediary entity that acts as both a
server and a client for the purpose of making requests on
behalf of other clients. A proxy server primarily plays the
role of routing, which means its job is to ensure that a
request is sent to another entity "closer" to the targeted
user. Proxies are also useful for enforcing policy (for
example, making sure a user is allowed to make a call). A
proxy interprets, and, if necessary, rewrites specific parts of
a request message before forwarding it.
Recursion: A client recurses on a 3xx response when it generates a
new request to one or more of the URIs in the Contact header
field in the response.
Redirect Server: A redirect server is a user agent server that
generates 3xx responses to requests it receives, directing the
client to contact an alternate set of URIs.
Registrar: A registrar is a server that accepts REGISTER requests
and places the information it receives in those requests into
the location service for the domain it handles.
Regular Transaction: A regular transaction is any transaction with
a method other than INVITE, ACK, or CANCEL.
Request: A SIP message sent from a client to a server, for the
purpose of invoking a particular operation.
Response: A SIP message sent from a server to a client, for
indicating the status of a request sent from the client to the
server.
Ringback: Ringback is the signaling tone produced by the calling
party's application indicating that a called party is being
alerted (ringing).
Route Set: A route set is a collection of ordered SIP or SIPS URI
which represent a list of proxies that must be traversed when
sending a particular request. A route set can be learned,
through headers like Record-Route, or it can be configured.
Server: A server is a network element that receives requests in
order to service them and sends back responses to those
requests. Examples of servers are proxies, user agent servers,
redirect servers, and registrars.
Sequential Search: In a sequential search, a proxy server attempts
each contact address in sequence, proceeding to the next one
only after the previous has generated a final response. A 2xx
or 6xx class final response always terminates a sequential
search.
Session: From the SDP specification: "A multimedia session is a
set of multimedia senders and receivers and the data streams
flowing from senders to receivers. A multimedia conference is
an example of a multimedia session." (RFC 2327 [1]) (A session
as defined for SDP can comprise one or more RTP sessions.) As
defined, a callee can be invited several times, by different
calls, to the same session. If SDP is used, a session is
defined by the concatenation of the SDP user name, session id,
network type, address type, and address elements in the origin
field.
SIP Transaction: A SIP transaction occurs between a client and a
server and comprises all messages from the first request sent
from the client to the server up to a final (non-1xx) response
sent from the server to the client. If the request is INVITE
and the final response is a non-2xx, the transaction also
includes an ACK to the response. The ACK for a 2xx response to
an INVITE request is a separate transaction.
Spiral: A spiral is a SIP request that is routed to a proxy,
forwarded onwards, and arrives once again at that proxy, but
this time differs in a way that will result in a different
processing decision than the original request. Typically, this
means that the request's Request-URI differs from its previous
arrival. A spiral is not an error condition, unlike a loop. A
typical cause for this is call forwarding. A user calls
joe@example.com. The example.com proxy forwards it to Joe's
PC, which in turn, forwards it to bob@example.com. This
request is proxied back to the example.com proxy. However,
this is not a loop. Since the request is targeted at a
different user, it is considered a spiral, and is a valid
condition.
Stateful Proxy: A logical entity that maintains the client and
server transaction state machines defined by this specification
during the processing of a request, also known as a transaction
stateful proxy. The behavior of a stateful proxy is further
defined in Section 16. A (transaction) stateful proxy is not
the same as a call stateful proxy.
Stateless Proxy: A logical entity that does not maintain the
client or server transaction state machines defined in this
specification when it processes requests. A stateless proxy
forwards every request it receives downstream and every
response it receives upstream.
Strict Routing: A proxy is said to be strict routing if it follows
the Route processing rules of RFC 2543 and many prior work in
progress versions of this RFC. That rule caused proxies to
destroy the contents of the Request-URI when a Route header
field was present. Strict routing behavior is not used in this
specification, in favor of a loose routing behavior. Proxies
that perform strict routing are also known as strict routers.
Target Refresh Request: A target refresh request sent within a
dialog is defined as a request that can modify the remote
target of the dialog.
Transaction User (TU): The layer of protocol processing that
resides above the transaction layer. Transaction users include
the UAC core, UAS core, and proxy core.
Upstream: A direction of message forwarding within a transaction
that refers to the direction that responses flow from the user
agent server back to the user agent client.
URL-encoded: A character string encoded according to RFC 2396,
Section 2.4 [5].
User Agent Client (UAC): A user agent client is a logical entity
that creates a new request, and then uses the client
transaction state machinery to send it. The role of UAC lasts
only for the duration of that transaction. In other words, if
a piece of software initiates a request, it acts as a UAC for
the duration of that transaction. If it receives a request
later, it assumes the role of a user agent server for the
processing of that transaction.
UAC Core: The set of processing functions required of a UAC that
reside above the transaction and transport layers.
User Agent Server (UAS): A user agent server is a logical entity
that generates a response to a SIP request. The response
accepts, rejects, or redirects the request. This role lasts
only for the duration of that transaction. In other words, if
a piece of software responds to a request, it acts as a UAS for
the duration of that transaction. If it generates a request
later, it assumes the role of a user agent client for the
processing of that transaction.
UAS Core: The set of processing functions required at a UAS that
resides above the transaction and transport layers.
User Agent (UA): A logical entity that can act as both a user
agent client and user agent server.
The role of UAC and UAS, as well as proxy and redirect servers, are
defined on a transaction-by-transaction basis. For example, the user
agent initiating a call acts as a UAC when sending the initial INVITE
request and as a UAS when receiving a BYE request from the callee.
Similarly, the same software can act as a proxy server for one
request and as a redirect server for the next request.
Proxy, location, and registrar servers defined above are logical
entities; implementations MAY combine them into a single application.
7 SIP Messages
SIP is a text-based protocol and uses the UTF-8 charset (RFC 2279
[7]).
A SIP message is either a request from a client to a server, or a
response from a server to a client.
Both Request (section 7.1) and Response (section 7.2) messages use
the basic format of RFC 2822 [3], even though the syntax differs in
character set and syntax specifics. (SIP allows header fields that
would not be valid RFC 2822 header fields, for example.) Both types
of messages consist of a start-line, one or more header fields, an
empty line indicating the end of the header fields, and an optional
message-body.
generic-message = start-line
*message-header
CRLF
[ message-body ]
start-line = Request-Line / Status-Line
The start-line, each message-header line, and the empty line MUST be
terminated by a carriage-return line-feed sequence (CRLF). Note that
the empty line MUST be present even if the message-body is not.
Except for the above difference in character sets, much of SIP's
message and header field syntax is identical to HTTP/1.1. Rather
than repeating the syntax and semantics here, we use [HX.Y] to refer
to Section X.Y of the current HTTP/1.1 specification (RFC 2616 [8]).
However, SIP is not an extension of HTTP.
7.1 Requests
SIP requests are distinguished by having a Request-Line for a start-
line. A Request-Line contains a method name, a Request-URI, and the
protocol version separated by a single space (SP) character.
The Request-Line ends with CRLF. No CR or LF are allowed except in
the end-of-line CRLF sequence. No linear whitespace (LWS) is allowed
in any of the elements.
Request-Line = Method SP Request-URI SP SIP-Version CRLF
Method: This specification defines six methods: REGISTER for
registering contact information, INVITE, ACK, and CANCEL for
setting up sessions, BYE for terminating sessions, and
OPTIONS for querying servers about their capabilities. SIP
extensions, documented in standards track RFCs, may define
additional methods.
Request-URI: The Request-URI is a SIP or SIPS URI as described in
Section 19.1 or a general URI (RFC 2396 [5]). It indicates
the user or service to which this request is being addressed.
The Request-URI MUST NOT contain unescaped spaces or control
characters and MUST NOT be enclosed in "<>".
SIP elements MAY support Request-URIs with schemes other than
"sip" and "sips", for example the "tel" URI scheme of RFC
2806 [9]. SIP elements MAY translate non-SIP URIs using any
mechanism at their disposal, resulting in SIP URI, SIPS URI,
or some other scheme.
SIP-Version: Both request and response messages include the
version of SIP in use, and follow [H3.1] (with HTTP replaced
by SIP, and HTTP/1.1 replaced by SIP/2.0) regarding version
ordering, compliance requirements, and upgrading of version
numbers. To be compliant with this specification,
applications sending SIP messages MUST include a SIP-Version
of "SIP/2.0". The SIP-Version string is case-insensitive,
but implementations MUST send upper-case.
Unlike HTTP/1.1, SIP treats the version number as a literal
string. In practice, this should make no difference.
7.2 Responses
SIP responses are distinguished from requests by having a Status-Line
as their start-line. A Status-Line consists of the protocol version
followed by a numeric Status-Code and its associated textual phrase,
with each element separated by a single SP character.
No CR or LF is allowed except in the final CRLF sequence.
Status-Line = SIP-Version SP Status-Code SP Reason-Phrase CRLF
The Status-Code is a 3-digit integer result code that indicates the
outcome of an attempt to understand and satisfy a request. The
Reason-Phrase is intended to give a short textual description of the
Status-Code. The Status-Code is intended for use by automata,
whereas the Reason-Phrase is intended for the human user. A client
is not required to examine or display the Reason-Phrase.
While this specification suggests specific wording for the reason
phrase, implementations MAY choose other text, for example, in the
language indicated in the Accept-Language header field of the
request.
The first digit of the Status-Code defines the class of response.
The last two digits do not have any categorization role. For this
reason, any response with a status code between 100 and 199 is
referred to as a "1xx response", any response with a status code
between 200 and 299 as a "2xx response", and so on. SIP/2.0 allows
six values for the first digit:
1xx: Provisional -- request received, continuing to process the
request;
2xx: Success -- the action was successfully received, understood,
and accepted;
3xx: Redirection -- further action needs to be taken in order to
complete the request;
4xx: Client Error -- the request contains bad syntax or cannot be
fulfilled at this server;
5xx: Server Error -- the server failed to fulfill an apparently
valid request;
6xx: Global Failure -- the request cannot be fulfilled at any
server.
Section 21 defines these classes and describes the individual codes.
7.3 Header Fields
SIP header fields are similar to HTTP header fields in both syntax
and semantics. In particular, SIP header fields follow the [H4.2]
definitions of syntax for the message-header and the rules for
extending header fields over multiple lines. However, the latter is
specified in HTTP with implicit whitespace and folding. This
specification conforms to RFC 2234 [10] and uses only explicit
whitespace and folding as an integral part of the grammar.
[H4.2] also specifies that multiple header fields of the same field
name whose value is a comma-separated list can be combined into one
header field. That applies to SIP as well, but the specific rule is
different because of the different grammars. Specifically, any SIP
header whose grammar is of the form
header = "header-name" HCOLON header-value *(COMMA header-value)
allows for combining header fields of the same name into a comma-
separated list. The Contact header field allows a comma-separated
list unless the header field value is "*".
7.3.1 Header Field Format
Header fields follow the same generic header format as that given in
Section 2.2 of RFC 2822 [3]. Each header field consists of a field
name followed by a colon (":") and the field value.
field-name: field-value
The formal grammar for a message-header specified in Section 25
allows for an arbitrary amount of whitespace on either side of the
colon; however, implementations should avoid spaces between the field
name and the colon and use a single space (SP) between the colon and
the field-value.
Subject: lunch
Subject : lunch
Subject :lunch
Subject: lunch
Thus, the above are all valid and equivalent, but the last is the
preferred form.
Header fields can be extended over multiple lines by preceding each
extra line with at least one SP or horizontal tab (HT). The line
break and the whitespace at the beginning of the next line are
treated as a single SP character. Thus, the following are
equivalent:
Subject: I know you're there, pick up the phone and talk to me!
Subject: I know you're there,
pick up the phone
and talk to me!
The relative order of header fields with different field names is not
significant. However, it is RECOMMENDED that header fields which are
needed for proxy processing (Via, Route, Record-Route, Proxy-Require,
Max-Forwards, and Proxy-Authorization, for example) appear towards
the top of the message to facilitate rapid parsing. The relative
order of header field rows with the same field name is important.
Multiple header field rows with the same field-name MAY be present in
a message if and only if the entire field-value for that header field
is defined as a comma-separated list (that is, if follows the grammar
defined in Section 7.3). It MUST be possible to combine the multiple
header field rows into one "field-name: field-value" pair, without
changing the semantics of the message, by appending each subsequent
field-value to the first, each separated by a comma. The exceptions
to this rule are the WWW-Authenticate, Authorization, Proxy-
Authenticate, and Proxy-Authorization header fields. Multiple header
field rows with these names MAY be present in a message, but since
their grammar does not follow the general form listed in Section 7.3,
they MUST NOT be combined into a single header field row.
Implementations MUST be able to process multiple header field rows
with the same name in any combination of the single-value-per-line or
comma-separated value forms.
The following groups of header field rows are valid and equivalent:
Route: <sip:alice@atlanta.com>
Subject: Lunch
Route: <sip:bob@biloxi.com>
Route: <sip:carol@chicago.com>
Route: <sip:alice@atlanta.com>, <sip:bob@biloxi.com>
Route: <sip:carol@chicago.com>
Subject: Lunch
Subject: Lunch
Route: <sip:alice@atlanta.com>, <sip:bob@biloxi.com>,
<sip:carol@chicago.com>
Each of the following blocks is valid but not equivalent to the
others:
Route: <sip:alice@atlanta.com>
Route: <sip:bob@biloxi.com>
Route: <sip:carol@chicago.com>
Route: <sip:bob@biloxi.com>
Route: <sip:alice@atlanta.com>
Route: <sip:carol@chicago.com>
Route: <sip:alice@atlanta.com>,<sip:carol@chicago.com>,
<sip:bob@biloxi.com>
The format of a header field-value is defined per header-name. It
will always be either an opaque sequence of TEXT-UTF8 octets, or a
combination of whitespace, tokens, separators, and quoted strings.
Many existing header fields will adhere to the general form of a
value followed by a semi-colon separated sequence of parameter-name,
parameter-value pairs:
field-name: field-value *(;parameter-name=parameter-value)
Even though an arbitrary number of parameter pairs may be attached to
a header field value, any given parameter-name MUST NOT appear more
than once.
When comparing header fields, field names are always case-
insensitive. Unless otherwise stated in the definition of a
particular header field, field values, parameter names, and parameter
values are case-insensitive. Tokens are always case-insensitive.
Unless specified otherwise, values expressed as quoted strings are
case-sensitive. For example,
Contact: <sip:alice@atlanta.com>;expires=3600
is equivalent to
CONTACT: <sip:alice@atlanta.com>;ExPiReS=3600
and
Content-Disposition: session;handling=optional
is equivalent to
content-disposition: Session;HANDLING=OPTIONAL
The following two header fields are not equivalent:
Warning: 370 devnull "Choose a bigger pipe"
Warning: 370 devnull "CHOOSE A BIGGER PIPE"
7.3.2 Header Field Classification
Some header fields only make sense in requests or responses. These
are called request header fields and response header fields,
respectively. If a header field appears in a message not matching
its category (such as a request header field in a response), it MUST
be ignored. Section 20 defines the classification of each header
field.
7.3.3 Compact Form
SIP provides a mechanism to represent common header field names in an
abbreviated form. This may be useful when messages would otherwise
become too large to be carried on the transport available to it
(exceeding the maximum transmission unit (MTU) when using UDP, for
example). These compact forms are defined in Section 20. A compact
form MAY be substituted for the longer form of a header field name at
any time without changing the semantics of the message. A header
field name MAY appear in both long and short forms within the same
message. Implementations MUST accept both the long and short forms
of each header name.
7.4 Bodies
Requests, including new requests defined in extensions to this
specification, MAY contain message bodies unless otherwise noted.
The interpretation of the body depends on the request method.
For response messages, the request method and the response status
code determine the type and interpretation of any message body. All
responses MAY include a body.
7.4.1 Message Body Type
The Internet media type of the message body MUST be given by the
Content-Type header field. If the body has undergone any encoding
such as compression, then this MUST be indicated by the Content-
Encoding header field; otherwise, Content-Encoding MUST be omitted.
If applicable, the character set of the message body is indicated as
part of the Content-Type header-field value.
The "multipart" MIME type defined in RFC 2046 [11] MAY be used within
the body of the message. Implementations that send requests
containing multipart message bodies MUST send a session description
as a non-multipart message body if the remote implementation requests
this through an Accept header field that does not contain multipart.
SIP messages MAY contain binary bodies or body parts. When no
explicit charset parameter is provided by the sender, media subtypes
of the "text" type are defined to have a default charset value of
"UTF-8".
7.4.2 Message Body Length
The body length in bytes is provided by the Content-Length header
field. Section 20.14 describes the necessary contents of this header
field in detail.
The "chunked" transfer encoding of HTTP/1.1 MUST NOT be used for SIP.
(Note: The chunked encoding modifies the body of a message in order
to transfer it as a series of chunks, each with its own size
indicator.)
7.5 Framing SIP Messages
Unlike HTTP, SIP implementations can use UDP or other unreliable
datagram protocols. Each such datagram carries one request or
response. See Section 18 on constraints on usage of unreliable
transports.
Implementations processing SIP messages over stream-oriented
transports MUST ignore any CRLF appearing before the start-line
[H4.1].
The Content-Length header field value is used to locate the end of
each SIP message in a stream. It will always be present when SIP
messages are sent over stream-oriented transports.
8 General User Agent Behavior
A user agent represents an end system. It contains a user agent
client (UAC), which generates requests, and a user agent server
(UAS), which responds to them. A UAC is capable of generating a
request based on some external stimulus (the user clicking a button,
or a signal on a PSTN line) and processing a response. A UAS is
capable of receiving a request and generating a response based on
user input, external stimulus, the result of a program execution, or
some other mechanism.
When a UAC sends a request, the request passes through some number of
proxy servers, which forward the request towards the UAS. When the
UAS generates a response, the response is forwarded towards the UAC.
UAC and UAS procedures depend strongly on two factors. First, based
on whether the request or response is inside or outside of a dialog,
and second, based on the method of a request. Dialogs are discussed
thoroughly in Section 12; they represent a peer-to-peer relationship
between user agents and are established by specific SIP methods, such
as INVITE.
In this section, we discuss the method-independent rules for UAC and
UAS behavior when processing requests that are outside of a dialog.
This includes, of course, the requests which themselves establish a
dialog.
Security procedures for requests and responses outside of a dialog
are described in Section 26. Specifically, mechanisms exist for the
UAS and UAC to mutually authenticate. A limited set of privacy
features are also supported through encryption of bodies using
S/MIME.
8.1 UAC Behavior
This section covers UAC behavior outside of a dialog.
8.1.1 Generating the Request
A valid SIP request formulated by a UAC MUST, at a minimum, contain
the following header fields: To, From, CSeq, Call-ID, Max-Forwards,
and Via; all of these header fields are mandatory in all SIP
requests. These six header fields are the fundamental building
blocks of a SIP message, as they jointly provide for most of the
critical message routing services including the addressing of
messages, the routing of responses, limiting message propagation,
ordering of messages, and the unique identification of transactions.
These header fields are in addition to the mandatory request line,
which contains the method, Request-URI, and SIP version.
Examples of requests sent outside of a dialog include an INVITE to
establish a session (Section 13) and an OPTIONS to query for
capabilities (Section 11).
8.1.1.1 Request-URI
The initial Request-URI of the message SHOULD be set to the value of
the URI in the To field. One notable exception is the REGISTER
method; behavior for setting the Request-URI of REGISTER is given in
Section 10. It may also be undesirable for privacy reasons or
convenience to set these fields to the same value (especially if the
originating UA expects that the Request-URI will be changed during
transit).
In some special circumstances, the presence of a pre-existing route
set can affect the Request-URI of the message. A pre-existing route
set is an ordered set of URIs that identify a chain of servers, to
which a UAC will send outgoing requests that are outside of a dialog.
Commonly, they are configured on the UA by a user or service provider
manually, or through some other non-SIP mechanism. When a provider
wishes to configure a UA with an outbound proxy, it is RECOMMENDED
that this be done by providing it with a pre-existing route set with
a single URI, that of the outbound proxy.
When a pre-existing route set is present, the procedures for
populating the Request-URI and Route header field detailed in Section
12.2.1.1 MUST be followed (even though there is no dialog), using the
desired Request-URI as the remote target URI.
8.1.1.2 To
The To header field first and foremost specifies the desired
"logical" recipient of the request, or the address-of-record of the
user or resource that is the target of this request. This may or may
not be the ultimate recipient of the request. The To header field
MAY contain a SIP or SIPS URI, but it may also make use of other URI
schemes (the tel URL (RFC 2806 [9]), for example) when appropriate.
All SIP implementations MUST support the SIP URI scheme. Any
implementation that supports TLS MUST support the SIPS URI scheme.
The To header field allows for a display name.
A UAC may learn how to populate the To header field for a particular
request in a number of ways. Usually the user will suggest the To
header field through a human interface, perhaps inputting the URI
manually or selecting it from some sort of address book. Frequently,
the user will not enter a complete URI, but rather a string of digits
or letters (for example, "bob"). It is at the discretion of the UA
to choose how to interpret this input. Using the string to form the
user part of a SIP URI implies that the UA wishes the name to be
resolved in the domain to the right-hand side (RHS) of the at-sign in
the SIP URI (for instance, sip:bob@example.com). Using the string to
form the user part of a SIPS URI implies that the UA wishes to
communicate securely, and that the name is to be resolved in the
domain to the RHS of the at-sign. The RHS will frequently be the
home domain of the requestor, which allows for the home domain to
process the outgoing request. This is useful for features like
"speed dial" that require interpretation of the user part in the home
domain. The tel URL may be used when the UA does not wish to specify
the domain that should interpret a telephone number that has been
input by the user. Rather, each domain through which the request
passes would be given that opportunity. As an example, a user in an
airport might log in and send requests through an outbound proxy in
the airport. If they enter "411" (this is the phone number for local
directory assistance in the United States), that needs to be
interpreted and processed by the outbound proxy in the airport, not
the user's home domain. In this case, tel:411 would be the right
choice.
A request outside of a dialog MUST NOT contain a To tag; the tag in
the To field of a request identifies the peer of the dialog. Since
no dialog is established, no tag is present.
For further information on the To header field, see Section 20.39.
The following is an example of a valid To header field:
To: Carol <sip:carol@chicago.com>
8.1.1.3 From
The From header field indicates the logical identity of the initiator
of the request, possibly the user's address-of-record. Like the To
header field, it contains a URI and optionally a display name. It is
used by SIP elements to determine which processing rules to apply to
a request (for example, automatic call rejection). As such, it is
very important that the From URI not contain IP addresses or the FQDN
of the host on which the UA is running, since these are not logical
names.
The From header field allows for a display name. A UAC SHOULD use
the display name "Anonymous", along with a syntactically correct, but
otherwise meaningless URI (like sip:thisis@anonymous.invalid), if the
identity of the client is to remain hidden.
Usually, the value that populates the From header field in requests
generated by a particular UA is pre-provisioned by the user or by the
administrators of the user's local domain. If a particular UA is
used by multiple users, it might have switchable profiles that
include a URI corresponding to the identity of the profiled user.
Recipients of requests can authenticate the originator of a request
in order to ascertain that they are who their From header field
claims they are (see Section 22 for more on authentication).
The From field MUST contain a new "tag" parameter, chosen by the UAC.
See Section 19.3 for details on choosing a tag.
For further information on the From header field, see Section 20.20.
Examples:
From: "Bob" <sips:bob@biloxi.com> ;tag=a48s
From: sip:+12125551212@phone2net.com;tag=887s
From: Anonymous <sip:c8oqz84zk7z@privacy.org>;tag=hyh8
8.1.1.4 Call-ID
The Call-ID header field acts as a unique identifier to group
together a series of messages. It MUST be the same for all requests
and responses sent by either UA in a dialog. It SHOULD be the same
in each registration from a UA.
In a new request created by a UAC outside of any dialog, the Call-ID
header field MUST be selected by the UAC as a globally unique
identifier over space and time unless overridden by method-specific
behavior. All SIP UAs must have a means to guarantee that the Call-
ID header fields they produce will not be inadvertently generated by
any other UA. Note that when requests are retried after certain
failure responses that solicit an amendment to a request (for
example, a challenge for authentication), these retried requests are
not considered new requests, and therefore do not need new Call-ID
header fields; see Section 8.1.3.5.
Use of cryptographically random identifiers (RFC 1750 [12]) in the
generation of Call-IDs is RECOMMENDED. Implementations MAY use the
form "localid@host". Call-IDs are case-sensitive and are simply
compared byte-by-byte.
Using cryptographically random identifiers provides some
protection against session hijacking and reduces the likelihood of
unintentional Call-ID collisions.
No provisioning or human interface is required for the selection of
the Call-ID header field value for a request.
For further information on the Call-ID header field, see Section
20.8.
Example:
Call-ID: f81d4fae-7dec-11d0-a765-00a0c91e6bf6@foo.bar.com
8.1.1.5 CSeq
The CSeq header field serves as a way to identify and order
transactions. It consists of a sequence number and a method. The
method MUST match that of the request. For non-REGISTER requests
outside of a dialog, the sequence number value is arbitrary. The
sequence number value MUST be expressible as a 32-bit unsigned
integer and MUST be less than 2**31. As long as it follows the above
guidelines, a client may use any mechanism it would like to select
CSeq header field values.
Section 12.2.1.1 discusses construction of the CSeq for requests
within a dialog.
Example:
CSeq: 4711 INVITE
8.1.1.6 Max-Forwards
The Max-Forwards header field serves to limit the number of hops a
request can transit on the way to its destination. It consists of an
integer that is decremented by one at each hop. If the Max-Forwards
value reaches 0 before the request reaches its destination, it will
be rejected with a 483(Too Many Hops) error response.
A UAC MUST insert a Max-Forwards header field into each request it
originates with a value that SHOULD be 70. This number was chosen to
be sufficiently large to guarantee that a request would not be
dropped in any SIP network when there were no loops, but not so large
as to consume proxy resources when a loop does occur. Lower values
should be used with caution and only in networks where topologies are
known by the UA.
8.1.1.7 Via
The Via header field indicates the transport used for the transaction
and identifies the location where the response is to be sent. A Via
header field value is added only after the transport that will be
used to reach the next hop has been selected (which may involve the
usage of the procedures in [4]).
When the UAC creates a request, it MUST insert a Via into that
request. The protocol name and protocol version in the header field
MUST be SIP and 2.0, respectively. The Via header field value MUST
contain a branch parameter. This parameter is used to identify the
transaction created by that request. This parameter is used by both
the client and the server.
The branch parameter value MUST be unique across space and time for
all requests sent by the UA. The exceptions to this rule are CANCEL
and ACK for non-2xx responses. As discussed below, a CANCEL request
will have the same value of the branch parameter as the request it
cancels. As discussed in Section 17.1.1.3, an ACK for a non-2xx
response will also have the same branch ID as the INVITE whose
response it acknowledges.
The uniqueness property of the branch ID parameter, to facilitate
its use as a transaction ID, was not part of RFC 2543.
The branch ID inserted by an element compliant with this
specification MUST always begin with the characters "z9hG4bK". These
7 characters are used as a magic cookie (7 is deemed sufficient to
ensure that an older RFC 2543 implementation would not pick such a
value), so that servers receiving the request can determine that the
branch ID was constructed in the fashion described by this
specification (that is, globally unique). Beyond this requirement,
the precise format of the branch token is implementation-defined.
The Via header maddr, ttl, and sent-by components will be set when
the request is processed by the transport layer (Section 18).
Via processing for proxies is described in Section 16.6 Item 8 and
Section 16.7 Item 3.
8.1.1.8 Contact
The Contact header field provides a SIP or SIPS URI that can be used
to contact that specific instance of the UA for subsequent requests.
The Contact header field MUST be present and contain exactly one SIP
or SIPS URI in any request that can result in the establishment of a
dialog. For the methods defined in this specification, that includes
only the INVITE request. For these requests, the scope of the
Contact is global. That is, the Contact header field value contains
the URI at which the UA would like to receive requests, and this URI
MUST be valid even if used in subsequent requests outside of any
dialogs.
If the Request-URI or top Route header field value contains a SIPS
URI, the Contact header field MUST contain a SIPS URI as well.
For further information on the Contact header field, see Section
20.10.
8.1.1.9 Supported and Require
If the UAC supports extensions to SIP that can be applied by the
server to the response, the UAC SHOULD include a Supported header
field in the request listing the option tags (Section 19.2) for those
extensions.
The option tags listed MUST only refer to extensions defined in
standards-track RFCs. This is to prevent servers from insisting that
clients implement non-standard, vendor-defined features in order to
receive service. Extensions defined by experimental and
informational RFCs are explicitly excluded from usage with the
Supported header field in a request, since they too are often used to
document vendor-defined extensions.
If the UAC wishes to insist that a UAS understand an extension that
the UAC will apply to the request in order to process the request, it
MUST insert a Require header field into the request listing the
option tag for that extension. If the UAC wishes to apply an
extension to the request and insist that any proxies that are
traversed understand that extension, it MUST insert a Proxy-Require
header field into the request listing the option tag for that
extension.
As with the Supported header field, the option tags in the Require
and Proxy-Require header fields MUST only refer to extensions defined
in standards-track RFCs.
8.1.1.10 Additional Message Components
After a new request has been created, and the header fields described
above have been properly constructed, any additional optional header
fields are added, as are any header fields specific to the method.
SIP requests MAY contain a MIME-encoded message-body. Regardless of
the type of body that a request contains, certain header fields must
be formulated to characterize the contents of the body. For further
information on these header fields, see Sections 20.11 through 20.15.
8.1.2 Sending the Request
The destination for the request is then computed. Unless there is
local policy specifying otherwise, the destination MUST be determined
by applying the DNS procedures described in [4] as follows. If the
first element in the route set indicated a strict router (resulting
in forming the request as described in Section 12.2.1.1), the
procedures MUST be applied to the Request-URI of the request.
Otherwise, the procedures are applied to the first Route header field
value in the request (if one exists), or to the request's Request-URI
if there is no Route header field present. These procedures yield an
ordered set of address, port, and transports to attempt. Independent
of which URI is used as input to the procedures of [4], if the
Request-URI specifies a SIPS resource, the UAC MUST follow the
procedures of [4] as if the input URI were a SIPS URI.
Local policy MAY specify an alternate set of destinations to attempt.
If the Request-URI contains a SIPS URI, any alternate destinations
MUST be contacted with TLS. Beyond that, there are no restrictions
on the alternate destinations if the request contains no Route header
field. This provides a simple alternative to a pre-existing route
set as a way to specify an outbound proxy. However, that approach
for configuring an outbound proxy is NOT RECOMMENDED; a pre-existing
route set with a single URI SHOULD be used instead. If the request
contains a Route header field, the request SHOULD be sent to the
locations derived from its topmost value, but MAY be sent to any
server that the UA is certain will honor the Route and Request-URI
policies specified in this document (as opposed to those in RFC
2543). In particular, a UAC configured with an outbound proxy SHOULD
attempt to send the request to the location indicated in the first
Route header field value instead of adopting the policy of sending
all messages to the outbound proxy.
This ensures that outbound proxies that do not add Record-Route
header field values will drop out of the path of subsequent
requests. It allows endpoints that cannot resolve the first Route
URI to delegate that task to an outbound proxy.
The UAC SHOULD follow the procedures defined in [4] for stateful
elements, trying each address until a server is contacted. Each try
constitutes a new transaction, and therefore each carries a different
topmost Via header field value with a new branch parameter.
Furthermore, the transport value in the Via header field is set to
whatever transport was determined for the target server.
8.1.3 Processing Responses
Responses are first processed by the transport layer and then passed
up to the transaction layer. The transaction layer performs its
processing and then passes the response up to the TU. The majority
of response processing in the TU is method specific. However, there
are some general behaviors independent of the method.
8.1.3.1 Transaction Layer Errors
In some cases, the response returned by the transaction layer will
not be a SIP message, but rather a transaction layer error. When a
timeout error is received from the transaction layer, it MUST be
treated as if a 408 (Request Timeout) status code has been received.
If a fatal transport error is reported by the transport layer
(generally, due to fatal ICMP errors in UDP or connection failures in
TCP), the condition MUST be treated as a 503 (Service Unavailable)
status code.
8.1.3.2 Unrecognized Responses
A UAC MUST treat any final response it does not recognize as being
equivalent to the x00 response code of that class, and MUST be able
to process the x00 response code for all classes. For example, if a
UAC receives an unrecognized response code of 431, it can safely
assume that there was something wrong with its request and treat the
response as if it had received a 400 (Bad Request) response code. A
UAC MUST treat any provisional response different than 100 that it
does not recognize as 183 (Session Progress). A UAC MUST be able to
process 100 and 183 responses.
8.1.3.3 Vias
If more than one Via header field value is present in a response, the
UAC SHOULD discard the message.
The presence of additional Via header field values that precede
the originator of the request suggests that the message was
misrouted or possibly corrupted.
8.1.3.4 Processing 3xx Responses
Upon receipt of a redirection response (for example, a 301 response
status code), clients SHOULD use the URI(s) in the Contact header
field to formulate one or more new requests based on the redirected
request. This process is similar to that of a proxy recursing on a
3xx class response as detailed in Sections 16.5 and 16.6. A client
starts with an initial target set containing exactly one URI, the
Request-URI of the original request. If a client wishes to formulate
new requests based on a 3xx class response to that request, it places
the URIs to try into the target set. Subject to the restrictions in
this specification, a client can choose which Contact URIs it places
into the target set. As with proxy recursion, a client processing
3xx class responses MUST NOT add any given URI to the target set more
than once. If the original request had a SIPS URI in the Request-
URI, the client MAY choose to recurse to a non-SIPS URI, but SHOULD
inform the user of the redirection to an insecure URI.
Any new request may receive 3xx responses themselves containing
the original URI as a contact. Two locations can be configured to
redirect to each other. Placing any given URI in the target set
only once prevents infinite redirection loops.
As the target set grows, the client MAY generate new requests to the
URIs in any order. A common mechanism is to order the set by the "q"
parameter value from the Contact header field value. Requests to the
URIs MAY be generated serially or in parallel. One approach is to
process groups of decreasing q-values serially and process the URIs
in each q-value group in parallel. Another is to perform only serial
processing in decreasing q-value order, arbitrarily choosing between
contacts of equal q-value.
If contacting an address in the list results in a failure, as defined
in the next paragraph, the element moves to the next address in the
list, until the list is exhausted. If the list is exhausted, then
the request has failed.
Failures SHOULD be detected through failure response codes (codes
greater than 399); for network errors the client transaction will
report any transport layer failures to the transaction user. Note
that some response codes (detailed in 8.1.3.5) indicate that the
request can be retried; requests that are reattempted should not be
considered failures.
When a failure for a particular contact address is received, the
client SHOULD try the next contact address. This will involve
creating a new client transaction to deliver a new request.
In order to create a request based on a contact address in a 3xx
response, a UAC MUST copy the entire URI from the target set into the
Request-URI, except for the "method-param" and "header" URI
parameters (see Section 19.1.1 for a definition of these parameters).
It uses the "header" parameters to create header field values for the
new request, overwriting header field values associated with the
redirected request in accordance with the guidelines in Section
19.1.5.
Note that in some instances, header fields that have been
communicated in the contact address may instead append to existing
request header fields in the original redirected request. As a
general rule, if the header field can accept a comma-separated list
of values, then the new header field value MAY be appended to any
existing values in the original redirected request. If the header
field does not accept multiple values, the value in the original
redirected request MAY be overwritten by the header field value
communicated in the contact address. For example, if a contact
address is returned with the following value:
sip:user@host?Subject=foo&Call-Info=<http://www.foo.com>
Then any Subject header field in the original redirected request is
overwritten, but the HTTP URL is merely appended to any existing
Call-Info header field values.
It is RECOMMENDED that the UAC reuse the same To, From, and Call-ID
used in the original redirected request, but the UAC MAY also choose
to update the Call-ID header field value for new requests, for
example.
Finally, once the new request has been constructed, it is sent using
a new client transaction, and therefore MUST have a new branch ID in
the top Via field as discussed in Section 8.1.1.7.
In all other respects, requests sent upon receipt of a redirect
response SHOULD re-use the header fields and bodies of the original
request.
In some instances, Contact header field values may be cached at UAC
temporarily or permanently depending on the status code received and
the presence of an expiration interval; see Sections 21.3.2 and
21.3.3.
8.1.3.5 Processing 4xx Responses
Certain 4xx response codes require specific UA processing,
independent of the method.
If a 401 (Unauthorized) or 407 (Proxy Authentication Required)
response is received, the UAC SHOULD follow the authorization
procedures of Section 22.2 and Section 22.3 to retry the request with
credentials.
If a 413 (Request Entity Too Large) response is received (Section
21.4.11), the request contained a body that was longer than the UAS
was willing to accept. If possible, the UAC SHOULD retry the
request, either omitting the body or using one of a smaller length.
If a 415 (Unsupported Media Type) response is received (Section
21.4.13), the request contained media types not supported by the UAS.
The UAC SHOULD retry sending the request, this time only using
content with types listed in the Accept header field in the response,
with encodings listed in the Accept-Encoding header field in the
response, and with languages listed in the Accept-Language in the
response.
If a 416 (Unsupported URI Scheme) response is received (Section
21.4.14), the Request-URI used a URI scheme not supported by the
server. The client SHOULD retry the request, this time, using a SIP
URI.
If a 420 (Bad Extension) response is received (Section 21.4.15), the
request contained a Require or Proxy-Require header field listing an
option-tag for a feature not supported by a proxy or UAS. The UAC
SHOULD retry the request, this time omitting any extensions listed in
the Unsupported header field in the response.
In all of the above cases, the request is retried by creating a new
request with the appropriate modifications. This new request
constitutes a new transaction and SHOULD have the same value of the
Call-ID, To, and From of the previous request, but the CSeq should
contain a new sequence number that is one higher than the previous.
With other 4xx responses, including those yet to be defined, a retry
may or may not be possible depending on the method and the use case.
8.2 UAS Behavior
When a request outside of a dialog is processed by a UAS, there is a
set of processing rules that are followed, independent of the method.
Section 12 gives guidance on how a UAS can tell whether a request is
inside or outside of a dialog.
Note that request processing is atomic. If a request is accepted,
all state changes associated with it MUST be performed. If it is
rejected, all state changes MUST NOT be performed.
UASs SHOULD process the requests in the order of the steps that
follow in this section (that is, starting with authentication, then
inspecting the method, the header fields, and so on throughout the
remainder of this section).
8.2.1 Method Inspection
Once a request is authenticated (or authentication is skipped), the
UAS MUST inspect the method of the request. If the UAS recognizes
but does not support the method of a request, it MUST generate a 405
(Method Not Allowed) response. Procedures for generating responses
are described in Section 8.2.6. The UAS MUST also add an Allow
header field to the 405 (Method Not Allowed) response. The Allow
header field MUST list the set of methods supported by the UAS
generating the message. The Allow header field is presented in
Section 20.5.
If the method is one supported by the server, processing continues.
8.2.2 Header Inspection
If a UAS does not understand a header field in a request (that is,
the header field is not defined in this specification or in any
supported extension), the server MUST ignore that header field and
continue processing the message. A UAS SHOULD ignore any malformed
header fields that are not necessary for processing requests.
8.2.2.1 To and Request-URI
The To header field identifies the original recipient of the request
designated by the user identified in the From field. The original
recipient may or may not be the UAS processing the request, due to
call forwarding or other proxy operations. A UAS MAY apply any
policy it wishes to determine whether to accept requests when the To
header field is not the identity of the UAS. However, it is
RECOMMENDED that a UAS accept requests even if they do not recognize
the URI scheme (for example, a tel: URI) in the To header field, or
if the To header field does not address a known or current user of
this UAS. If, on the other hand, the UAS decides to reject the
request, it SHOULD generate a response with a 403 (Forbidden) status
code and pass it to the server transaction for transmission.
However, the Request-URI identifies the UAS that is to process the
request. If the Request-URI uses a scheme not supported by the UAS,
it SHOULD reject the request with a 416 (Unsupported URI Scheme)
response. If the Request-URI does not identify an address that the
UAS is willing to accept requests for, it SHOULD reject the request
with a 404 (Not Found) response. Typically, a UA that uses the
REGISTER method to bind its address-of-record to a specific contact
address will see requests whose Request-URI equals that contact
address. Other potential sources of received Request-URIs include
the Contact header fields of requests and responses sent by the UA
that establish or refresh dialogs.
8.2.2.2 Merged Requests
If the request has no tag in the To header field, the UAS core MUST
check the request against ongoing transactions. If the From tag,
Call-ID, and CSeq exactly match those associated with an ongoing
transaction, but the request does not match that transaction (based
on the matching rules in Section 17.2.3), the UAS core SHOULD
generate a 482 (Loop Detected) response and pass it to the server
transaction.
The same request has arrived at the UAS more than once, following
different paths, most likely due to forking. The UAS processes
the first such request received and responds with a 482 (Loop
Detected) to the rest of them.
8.2.2.3 Require
Assuming the UAS decides that it is the proper element to process the
request, it examines the Require header field, if present.
The Require header field is used by a UAC to tell a UAS about SIP
extensions that the UAC expects the UAS to support in order to
process the request properly. Its format is described in Section
20.32. If a UAS does not understand an option-tag listed in a
Require header field, it MUST respond by generating a response with
status code 420 (Bad Extension). The UAS MUST add an Unsupported
header field, and list in it those options it does not understand
amongst those in the Require header field of the request.
Note that Require and Proxy-Require MUST NOT be used in a SIP CANCEL
request, or in an ACK request sent for a non-2xx response. These
header fields MUST be ignored if they are present in these requests.
An ACK request for a 2xx response MUST contain only those Require and
Proxy-Require values that were present in the initial request.
Example:
UAC->UAS: INVITE sip:watson@bell-telephone.com SIP/2.0
Require: 100rel
UAS->UAC: SIP/2.0 420 Bad Extension
Unsupported: 100rel
This behavior ensures that the client-server interaction will
proceed without delay when all options are understood by both
sides, and only slow down if options are not understood (as in the
example above). For a well-matched client-server pair, the
interaction proceeds quickly, saving a round-trip often required
by negotiation mechanisms. In addition, it also removes ambiguity
when the client requires features that the server does not
understand. Some features, such as call handling fields, are only
of interest to end systems.
8.2.3 Content Processing
Assuming the UAS understands any extensions required by the client,
the UAS examines the body of the message, and the header fields that
describe it. If there are any bodies whose type (indicated by the
Content-Type), language (indicated by the Content-Language) or
encoding (indicated by the Content-Encoding) are not understood, and
that body part is not optional (as indicated by the Content-
Disposition header field), the UAS MUST reject the request with a 415
(Unsupported Media Type) response. The response MUST contain an
Accept header field listing the types of all bodies it understands,
in the event the request contained bodies of types not supported by
the UAS. If the request contained content encodings not understood
by the UAS, the response MUST contain an Accept-Encoding header field
listing the encodings understood by the UAS. If the request
contained content with languages not understood by the UAS, the
response MUST contain an Accept-Language header field indicating the
languages understood by the UAS. Beyond these checks, body handling
depends on the method and type. For further information on the
processing of content-specific header fields, see Section 7.4 as well
as Section 20.11 through 20.15.
8.2.4 Applying Extensions
A UAS that wishes to apply some extension when generating the
response MUST NOT do so unless support for that extension is
indicated in the Supported header field in the request. If the
desired extension is not supported, the server SHOULD rely only on
baseline SIP and any other extensions supported by the client. In
rare circumstances, where the server cannot process the request
without the extension, the server MAY send a 421 (Extension Required)
response. This response indicates that the proper response cannot be
generated without support of a specific extension. The needed
extension(s) MUST be included in a Require header field in the
response. This behavior is NOT RECOMMENDED, as it will generally
break interoperability.
Any extensions applied to a non-421 response MUST be listed in a
Require header field included in the response. Of course, the server
MUST NOT apply extensions not listed in the Supported header field in
the request. As a result of this, the Require header field in a
response will only ever contain option tags defined in standards-
track RFCs.
8.2.5 Processing the Request
Assuming all of the checks in the previous subsections are passed,
the UAS processing becomes method-specific. Section 10 covers the
REGISTER request, Section 11 covers the OPTIONS request, Section 13
covers the INVITE request, and Section 15 covers the BYE request.
8.2.6 Generating the Response
When a UAS wishes to construct a response to a request, it follows
the general procedures detailed in the following subsections.
Additional behaviors specific to the response code in question, which
are not detailed in this section, may also be required.
Once all procedures associated with the creation of a response have
been completed, the UAS hands the response back to the server
transaction from which it received the request.
8.2.6.1 Sending a Provisional Response
One largely non-method-specific guideline for the generation of
responses is that UASs SHOULD NOT issue a provisional response for a
non-INVITE request. Rather, UASs SHOULD generate a final response to
a non-INVITE request as soon as possible.
When a 100 (Trying