1、 International Telecommunication Union ITU-T H.248.86TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2014) SERIES H: AUDIOVISUAL AND MULTIMEDIA SYSTEMSInfrastructure of audiovisual services Communication procedures Gateway Control Protocol: ITU-T H.248 support for deep packet inspection Recommen
2、dation ITU-T H.248.86 ITU-T H-SERIES RECOMMENDATIONS AUDIOVISUAL AND MULTIMEDIA SYSTEMS CHARACTERISTICS OF VISUAL TELEPHONE SYSTEMS H.100H.199 INFRASTRUCTURE OF AUDIOVISUAL SERVICES General H.200H.219 Transmission multiplexing and synchronization H.220H.229 Systems aspects H.230H.239 Communication p
3、rocedures H.240H.259Coding of moving video H.260H.279 Related systems aspects H.280H.299 Systems and terminal equipment for audiovisual services H.300H.349 Directory services architecture for audiovisual and multimedia services H.350H.359 Quality of service architecture for audiovisual and multimedi
4、a services H.360H.369 Supplementary services for multimedia H.450H.499 MOBILITY AND COLLABORATION PROCEDURES Overview of Mobility and Collaboration, definitions, protocols and procedures H.500H.509 Mobility for H-Series multimedia systems and services H.510H.519 Mobile multimedia collaboration appli
5、cations and services H.520H.529 Security for mobile multimedia systems and services H.530H.539 Security for mobile multimedia collaboration applications and services H.540H.549 Mobility interworking procedures H.550H.559 Mobile multimedia collaboration inter-working procedures H.560H.569 BROADBAND,
6、TRIPLE-PLAY AND ADVANCED MULTIMEDIA SERVICES Broadband multimedia services over VDSL H.610H.619 Advanced multimedia services and applications H.620H.629 Ubiquitous sensor network applications and Internet of Things H.640H.649 IPTV MULTIMEDIA SERVICES AND APPLICATIONS FOR IPTV General aspects H.700H.
7、719 IPTV terminal devices H.720H.729 IPTV middleware H.730H.739 IPTV application event handling H.740H.749 IPTV metadata H.750H.759 IPTV multimedia application frameworks H.760H.769 IPTV service discovery up to consumption H.770H.779 Digital Signage H.780H.789 E-HEALTH MULTIMEDIA SERVICES AND APPLIC
8、ATIONS Interoperability compliance testing of personal health systems (HRN, PAN, LAN and WAN) H.820H.849 Multimedia e-health data exchange services H.860H.869 For further details, please refer to the list of ITU-T Recommendations. Rec. ITU-T H.248.86 (01/2014) i Recommendation ITU-T H.248.86 Gateway
9、 Control Protocol: ITU-T H.248 support for deep packet inspection Summary Recommendation ITU-T H.248.86 has in scope ITU-T H.248 media gateways with support of packet inspection capabilities. This Recommendation describes the relation of deep packet inspection (DPI) to existing ITU-T H.248 protocol
10、capabilities concerning packet processing, and defines new ITU-T H.248 packages with the specific scope of DPI. The proposed ITU-T H.248 packages serve various different network-level use cases and provide inherent flexibility due to the core design concept that separates encoding and transport of D
11、PI policy rules. History Edition Recommendation Approval Study Group Unique ID*1.0 ITU-T H.248.86 2014-01-13 16 11.1002/1000/12069 _ *To access the Recommendation, type the URL http:/handle.itu.int/ in the address field of your web browser, followed by the Recommendations unique ID. For example, htt
12、p:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T H.248.86 (01/2014) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization
13、 Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets
14、every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts pur
15、view, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommendation is vol
16、untary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “must“ and
17、the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may invol
18、ve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recom
19、mendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at
20、 http:/www.itu.int/ITU-T/ipr/. ITU 2014 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T H.248.86 (01/2014) iii Table of Contents Page 1 Scope 1 1.1 Applicability statements . 2 2 References. 2 3 Defi
21、nitions 3 3.1 Terms defined elsewhere 3 3.2 Terms defined in this Recommendation . 3 4 Abbreviations and acronyms 3 5 Conventions 6 5.1 Connection endpoint naming 6 5.2 Distinction of DPI and non-DPI cases 6 6 Overview 6 6.1 Policy rule model 6 6.2 Relation to other ITU-T H.248.x-series of Recommend
22、ations 7 6.3 Control and management of DPI policy rules 9 6.4 Package design philosophy . 9 7 Inspection rule base package 9 7.1 Properties 10 7.2 Events . 11 7.3 Signals 11 7.4 Statistics 11 7.5 Error codes 11 7.6 Procedures 11 8 Inspection rule operational package . 13 8.1 Properties 13 8.2 Events
23、 . 13 8.3 Signals 14 8.4 Statistics 15 8.5 Error codes 16 8.6 Procedures 16 9 Inspection rule group package 17 Appendix I MGC aspects of DPI policy rules 18 I.1 Introduction 18 I.2 MGC-locally vs MGC-remotely generated DPI policy rules . 18 Appendix II Examples of DPI and non-DPI Policy Rules 20 II.
24、1 Introduction 20 II.2 Examples of generic DPI and non-DPI policy rules 22 Appendix III ITU-T H.248 aspects for signalling DPI policy rules . 32 iv Rec. ITU-T H.248.86 (01/2014) Page III.1 Overview of principal signalling methods . 32 III.2 H.248 support . 34 Appendix IV Discussion on policy specifi
25、cation languages . 35 IV.1 Introduction 35 IV.2 PSL for policy control and policy management interfaces 35 IV.3 Survey of possible PSLs (non-exhaustive list) . 36 IV.4 PSLs on different network levels . 37 IV.5 Recommendations for selected PSLs . 38 IV.6 Discussion of policy specification language c
26、andidates 39 IV.7 Example PSL “SNORT“ Analysis and comments 40 Appendix V Emulation of DPI policy rule control interfaces 43 V.1 Purpose . 43 V.2 Guidelines for ITU-T H.248 profile specifications using native SNORT interfaces as an example . 43 V.3 Guidelines for ITU-T H.248 profile specifications u
27、sing 3GPP Diameter interfaces as an example . 43 Bibliography. 45 Rec. ITU-T H.248.86 (01/2014) 1 Recommendation ITU-T H.248.86 Gateway Control Protocol: ITU-T H.248 support for deep packet inspection 1 Scope An ITU-T H.248 media gateway (MG) provides operations on packet traffic in general, related
28、 to the ephemeral (and root) termination type. Several existing ITU-T H.248 packages include packet inspection as part of the overall defined service (such as gate management and packet filtering services according to ITU-T H.248.43). This Recommendation defines additional ITU-T H.248 capabilities f
29、or so-called deep packet inspection (DPI) related services. Understanding and definition of DPI in this Recommendation follows principally ITU-T Y.2770. The “DPI concept“ is fundamentally coupled with the architecture of layered protocol stacks, as expressed by the acronym words deep and packet. Fig
30、ure 1 depicts DPI in an example of an ITU-T X.200 layered protocol architecture, and also illustrates the historical evolution from shallow packet inspection (SPI) over medium depth packet inspection (MPI) towards DPI. It should be noted that SPI and MPI are colloquial terms, whereas clause 3.2.5 of
31、 ITU-T Y.2770 defines DPI. Further, the notion of packet is used in the broadest sense, typically nowadays focusing on IP packets IETF RFC 791, b-IETF RFC 2460, but covering non-IP traffic as well (see also clause 1.1 of ITU-T Y.2770). Figure 1 Packet Inspection Example of DPI, using a layered proto
32、col architecture according to OSI-BRM ITU-T X.200 where DPI covers also layer 2 This Recommendation: clarifies the understanding of DPI versus non-DPI in context of the ITU-T H.248.x-series of Recommendation (clause 5.2); describes the relation of “policy rule“ support by existing ITU-T H.248 packag
33、es (clause 6); and defines new ITU-T H.248 packages for flexible DPI support in various network scenarios (clauses 7 to 9). 2 Rec. ITU-T H.248.86 (01/2014) This Recommendation provides several appendices that provide complementary information on various aspects of ITU-T H.248-supported DPI. 1.1 Appl
34、icability statements As outlined by Figure 1, DPI is not a new technology, it is rather a continuous evolution of existing packet processing functions. Interactions with existing packet inspection technologies needs to be considered when using this Recommendation. 1.1.1 This Recommendation with othe
35、r ITU-T H.248.x-series Recommendations with policy rule support See clause 6.2. 1.1.2 This Recommendation with non-H.248 policy specification languages The usage of non-H.248 policy specification languages (PSL) is a fundamental concept behind the ITU-T H.248 capabilities for DPI support defined by
36、the ITU-T H.248 packages of this Recommendation. See also clause 6.4, Appendix III and Appendix IV. However, any normative guidance for the usage of such PSLs is out of scope of this Recommendation. 2 References The following ITU-T Recommendations and other references contain provisions which, throu
37、gh reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying t
38、he most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T H.248
39、.1 Recommendation ITU-T H.248.1 (2013), Gateway control protocol: Version 3. ITU-T H.248.37 Recommendation ITU-T H.248.37 (2008), Gateway control protocol: IP NAPT traversal package. ITU-T H.248.40 Recommendation ITU-T H.248.40 (2013), Gateway control protocol: Application data inactivity detection
40、package. ITU-T H.248.43 Recommendation ITU-T H.248.43 (2008), Gateway control protocol: Packages for gate management and gate control. ITU-T H.248.48 Recommendation ITU-T H.248.48 (2012), Gateway control protocol: RTCP XR block reporting package. ITU-T H.248.53 Recommendation ITU-T H.248.53 (2009),
41、Gateway control protocol: Traffic management packages. ITU-T H.248.61 Recommendation ITU-T H.248.61 (2013), Gateway control protocol: Packages for network level ITU-T H.248 statistics. ITU-T H.248.68 Recommendation ITU-T H.248.68 (2009), Gateway control protocol: Package for removal of digits and to
42、nes. ITU-T H.248.69 Recommendation ITU-T H.248.69 (2009), Gateway control protocol: Packages for interworking between MSRP and H.248. ITU-T H.248.76 Recommendation ITU-T H.248.76 (2010), Gateway control protocol: Filter group package and guidelines. Rec. ITU-T H.248.86 (01/2014) 3 ITU-T H.248.78 Rec
43、ommendation ITU-T H.248.78 (2013), Gateway control protocol: Bearer-level application level gateway. ITU-T H.248.79 Recommendation ITU-T H.248.79 (2012), Gateway control protocol: Guidelines for packet-based streams. ITU-T H.248.84 Recommendation ITU-T H.248.84 (2012), Gateway control protocol: NAT
44、traversal for peer-to-peer services. ITU-T X.200 Recommendation ITU-T X.200 (1994) | ISO/IEC 7498-1:1994, Information technology Open Systems Interconnection Basic Reference Model: The basic model. ITU-T Y.2770 Recommendation ITU-T Y.2770 (2012), Requirements for deep packet inspection in next gener
45、ation networks. IETF RFC 791 IETF RFC 791 (1981), Internet Protocol. IETF RFC 3986 IETF RFC 3986 (2005), Uniform Resource Identifier (URI): Generic Syntax. 3 Definitions 3.1 Terms defined elsewhere This Recommendation uses the following terms defined elsewhere: 3.1.1 deep packet inspection (DPI) ITU
46、-T Y.2770: Analysis, according to the layered protocol architecture OSI-BRM ITU-T X.200, of payload and/or packet properties (see list of potential properties in clause 3.2.11 of ITU-T Y.2770 deeper than protocol layer 2, 3 or 4 (L2/L3/L4) header information, and other packet properties in order to
47、identify the application unambiguously. NOTE The output of the DPI function, along with some extra information such as the flow information, is typically used in subsequent functions such as reporting or actions on the packet. 3.1.2 DPI policy rule ITU-T Y.2770: The policy rule pertinent to DPI (see
48、 also clause 3.1.2 in ITU-T Y.2770). In this Recommendation, a DPI policy rule is referred to simply as a rule. 3.2 Terms defined in this Recommendation None. 4 Abbreviations and acronyms This Recommendation uses the following abbreviations: A Address or Action ADC Application Detection and Control
49、ALG Application Level Gateway AMR Adaptive-Multi Rate (codec) API Application Programmable Interface ASIC Application Specific Integrated Circuit Bp Bucket size of peak token bucket ITU-T H.248.53 Bs Bucket size of sustainable token bucket ITU-T H.248.53 4 Rec. ITU-T H.248.86 (01/2014) BT (RTCP) Block Type C Condition CLI Command Line Interface Cz ITU-T H.248 Context CPU Central Processing Unit DA (IP) De
