Tackling Loop Detection in SIP Architecture
It is said that the definition of insanity is doing the same thing over and over again and expecting different results. I will venture to say that the technology variant is “Garbage in. Garbage out.” To stretch the phraseology one more inch, “You can’t make a silk purse from a sow’s ear.”
All of which brings me to today’s topic – loop detection in SIP.
Before I venture into the details, I want you to imagine a series of SIP proxies — A, B, and C. Each proxy has its own routing table to move calls around the network. Now, picture a situation where A receives a call that it routes to B. B checks its tables and routes the call to C. C checks its tables and routes the call to A. A checks its tables and routes the call to B. You see where this is going, don’t you?
This article originally appeared on SIP Adventures and is reprinted with permission.
The concept behind loop detection, sometimes referred to as loop avoidance, is the ability to recognize a call that is moving around the network, but never actually terminating at an endpoint.
Without the ability to detect and stop looping calls, you will quickly consume the resources of your SIP servers causing slowdowns or worse, crashes. Loop detection allows a SIP entity to realize that it has seen a call one too many times and stop it dead in its tracks.
SIP comes built-in with a header that supports loop detection. The Max-Forwards header contains a numeric value that is set by the original sender of a SIP message. This value is decremented by one (1) every time it passes through a SIP server, such as a proxy. If the value ever reaches zero (0), the message is rejected with a 483 Too Many Hops response.
After careful consideration of network topologies, the creators of SIP decided that the default for Max-Forwards should be 70.
This number was chosen to guarantee that a message would not be improperly dropped when there were no actual loops. For a decent-sized enterprise, this number seems big, but when you consider SIP in the PSTN, it’s reasonable enough. A user agent is allowed to lower the number, but should do so only if it’s sure that it will not cause a loop to be detected where none exists.
Individual vendors can implement additional methods to detect loops and Avaya has done so with its Session Manager product.
Max-Forwards stops a looping message on the basis of how many times a server has seen that message. However, it does nothing in the way of how often that message is seen time-wise. Avaya decided that having a message pound away at a Session Manager is just as bad as seeing it one too many times and added another level of loop detection.
Within a Session Manager’s configuration, you will find three settings that assist in loop detection. These settings are:
Loop Detection Mode: The default value is Off. Setting it to On activates loop detection for all Entity Links associated with a SIP Entity.
Loop Count Threshold: The default value is 5. The allowed range is 2 to 10,000.
Loops Detection Interval (in msec): The default value is 200 msec. The allowed range is 10 msec to 10,000 msec.
Session Manager loop detection is defined as the following:
If the number of incoming requests with the same combination of SIP-URI, To, From, and PAI header values reaches the administered Loop Count Threshold value within the Loop Detection Interval time, Session Manager rejects these requests.
For example, if the successive loop call arrives at Session Manager after 40 milliseconds (because of the propagation delay of the intermediate hops) and the administrator needs to break the loop on the fifth loop call instance, the recommended Firewall configuration must have Loop Count Threshold as 5 and Loop Detection Interval as 200 milliseconds.
By using Max-Forwards and these Session Manager additions, loops can be detected and stopped by both the number of times a Session Manager sees a particular message and the frequency of its arrival.
However, even without Session Manager, there is no reason why you need to worry about doing the same thing over and over and over and over and over and over… again. Max-Forwards stops the insanity before it has a chance to take over.
Now, if only such a header could be set for some people I know.