Status: New
Owner: ----
Labels: Type-Defect Priority-Medium MSS-1.6.0.FINAL Release-Type-FINAL
Roadmap-Fix Component-Sip-Servlets
New issue 2348 by [email protected]: Mobicents SIP Servelt support for
RFC 5393
http://code.google.com/p/mobicents/issues/detail?id=2348
RFC 5393, "Addressing and Amplification Vulnerability in Session Initiation
Protocol (SIP) Forking Proxies" is an important update to RFC 3261.
Imagine a poorly configured network where proxy A forks to proxies B and
C, proxy B forks to proxies A and C, and proxy C forks to proxies A and
B. Sending in a single transaction results in an exponentially growing
amount of traffic after each fork. With the default "Max-Forwards:" value
of 70 you can very quickly overload a network in a catastrophic manner.
The fix to this involves adding new fields to "Via:" headers to allow these
loops to be detected and handled at the earliest opportunity.
As Mobicents SIP Servlets can be used to create forking proxies I think
this fix would be a good addition.
