SIP rollouts hit variety of snags


Commercial VoIP service rollouts are taking longer than anticipated as early adopters of Session Initiation Protocol experience unexpected interoperability problems with the increasingly important communications mechanism.

Commercial VoIP service rollouts are taking longer than anticipated as early adopters of Session Initiation Protocol experience unexpected interoperability problems with the increasingly important communications mechanism.

SIP is the emerging standard for setting up telephone calls, multimedia conferencing, instant messaging and other types of real-time communications on the Internet. An array of network gear including IP phones, IP PBXs, servers, media gateways and softswitches support SIP.

Also: Advice for SIP buyers

The interoperability problems stem from vendors taking different approaches to SIP features such as device registration, user authentication and firewall traversal. The problems range from failed user logons that cause systems to crash to annoyances such as difficulty transferring calls.

Of particular concern to experts is that some vendors have not followed the SIP guidelines for failover when a server goes down. Companies that buy SIP servers without the correct failover mechanisms are more likely to experience service outages, experts say.

"This is the natural process of dealing with vendors that have not been compelled to interoperate with each other in the past," says Jon Peterson, a co-author of the SIP specification and one of the directors of the Internet Engineering Task Force's (IETF) Transport Area. "The avant-garde that deploys SIP is going to have to bear a little pain."

SIP proponents say such interoperability problems are common for a protocol of SIP's size, complexity and flexibility. The main SIP specification, which the IETF finalized in June 2002, is 260 pages. The IETF has issued an additional 22 documents that detail SIP features and extensions.

To help improve how SIP products work together, the SIP development community is hosting its 14th interoperability testing event, called SIPit, next week in Cannes, France. Sixty vendors are expected to send engineers to the SIPit event, which will include troubleshooting in such areas as device registration, user authentication and server failover. (The SIPit event is closed to the public and press, and no information is released about which products fail to comply with the standard. SIPit officials spoke to Network World about the most common interoperability problems.)

Until these problems are fixed, companies planning to deploy SIP should allow extra time for troubleshooting, particularly if they plan to roll out SIP's more advanced features, experts say.

"SIP is extremely flexible, but anytime you have [a protocol] that's flexible, you have different ways of interpreting things or doing things," says Ken Fischer, principal architect for softswitch services at Level 3 Communications.

Level 3 has deployed SIP with 30 service providers including Qwest and SBC since it announced a VoIP offering in September. The IP backbone provider says interoperability problems are adding an extra month of troubleshooting to each of its SIP deployments, which are taking twice as long as planned.

"The problems are all minor and annoying, but there's enough of them" to have business implications, Fischer says. "We haven't run into anything where we've said this will take six months to fix or we'll never fix this. But there are all kinds of things where we have to get three engineers into a room and work through code. . . . On the business side, if it adds four weeks to our schedule, then it's four more weeks between a sale and revenue."

Despite the delays, Level 3 remains committed to SIP and says it is the best technology on the horizon to bring multimedia communications to the Internet.

"The basic call control functions [of SIP] work pretty well out of the box, but that's not why SIP was invented. It was invented for the new services," Fischer says. "The good news is that people have wonderful ideas about new services. The bad news is that you have to work through interoperability problems with these new services."

Carriers such as Level 3 are experiencing the pain of SIP interoperability problems first because they are mixing and matching products from multiple vendors. However, the implications of the SIP interoperability problems could be serious for the dozens of companies such as IBM, Reuters and that are rolling out SIP-based VoIP applications.

Reuters has run into all these interoperability problems in the past 18 months as it has deployed a SIP-based instant-messaging platform for the financial services industry that has 50,000 users each week. Reuters uses client and server software from Microsoft for its SIP applications.

"SIP is a session protocol, and it's very close to the application layer," says David Gurle, executive vice president for collaboration services at Reuters. "There's a perception that SIP will be as plug-and-play as TCP or [User Datagram Protocol] or IP or HTTP. But it's not going to be as easy as that because the higher you go in the networking stack, the more business logic you carry."

Gurle says Reuters has faced challenges getting its SIP-based application to integrate with non-SIP networks run by AOL and Microsoft, and SIP-based networks that IBM and others run. The hardest part of the process is translating between the business logic that these companies have built into their network applications.

"What surprises me the most is the difference in semantics," Gurle says. "It's like two persons trying to talk about the same thing but doing it from different perspectives. It's the business logic that makes the integration harder."

Gurle says it's easy to set up basic SIP communications across diverse network platforms but it gets much harder to deploy complex SIP-based applications such as presence and IM.

"There are a few things that SIP knows how to do well, quickly and at cheap cost," Gurle says. "But there are growing pains because lots of people want to leverage the flexibility of SIP, and in doing so they increase the difficulty of different implementations."

End-user devices that don't comply with the SIP specification cause most of the interoperability problems.

For example, several SIP phones are missing the ability to deal with a failed device registration. In these cases, a device will register what it considers a good password, but the server will reject that password. The device will keep trying to submit the password, and the server will keep rejecting it until the system crashes.

"There are several SIP devices that are made to look like voice telephones that have this problem," says Robert Sparks, a principal software engineer at Dynamicsoft and coordinator of the SIPit interoperability testing event. "These systems are being deployed enough to where it's causing people pain."

Another problematic area is SIP's digest authentication mechanism, which requires two round-trip messages to be sent between the end user and the server. Some SIP products handle authentication in one round-trip message, but these products do not comply with the SIP specification.

"There are some implementations that haven't followed the specifications and do their digest calculations wrong," Sparks says. "Down the road the SIP authentication story is going to get . . . better because we're working on certificate-based credentialing."

Problems also occur when end users want to transfer SIP calls outside their corporate network. Sometimes these call transfers don't work because of firewalls or network address translators at the edge of the two networks involved in the call transfer.

"If you're on a LAN inside your company and there are no NATs and no firewalls, the call transfer experience will be fine. But you drop in a NAT, you drop in a firewall or you drop in a policy enforcement mechanism, and call transfer tends to fail," Sparks says.

The IETF is working on two companion protocols - dubbed STUN for Simple Traversal of User Datagram Protocol Through Network Address Translators, and GRUU for Globally Routable User Agent Universal Resource Indicator - that will address how SIP works through NATs and firewalls.

"I don't see anything here that's a real showstopper for SIP, but there's hard work to be done on the NAT problem," Sparks says. "The IETF working groups are engaged in that work."

Interoperability problems also crop up when SIP vendors fail to use the standard telephone numbering scheme, known as E164 numbers. Vendors are supposed to require country codes first, then area codes and seven-digit numbers. But some vendors use their own private numbering plans, which causes incompatibilities.

Level 3 discovered that one softswitch vendor didn't follow the rule of placing a +1 at the beginning of all U.S. calls. This error created a problem because calls meant for India - which uses a 911 country code - were interpreted as emergency calls.

Also alarming is that the SIP mechanisms for handling server failover have not been implemented universally, making it difficult for failover to occur across different systems or networks. Sparks says this is the most critical interoperability problem that SIP faces today.

Server failover "is an area that needs industrywide attention," Sparks says. "Things are not working as well as they should. This has to do with scalability."

SIP proponents anticipate several developments this year that will improve how SIP products interoperate.

The SIP Forum is expected to release at the SIPit event a set of interoperability tests that SIP developers and buyers can use to test whether a particular device has known interoperability problems.

In addition, the IETF's Session Initiation Proposal Investigation working group is developing a so-called torture test that SIP product developers can use to test for compliance with the SIP specification. The test measures how well a SIP system can handle oddities such as ultra-long SIP messages and non-ASCII characters. The test should be finalized by summer.

By year-end, SIP proponents expect the emergence of third-party organizations that will certify products as SIP-compliant.

Learn more about this topic

Convergence research center

The latest news, opinions, case studies and more.

Must read: 11 hidden tips and tweaks for Windows 10
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies